The massive data breach at $16 billion retailer TJX involved someone apparently armed with the chain's encryption key, but it might not have been needed as the cyber-thief was accessing data during the card-approval process before it was encrypted.

These are among the latest details in what is almost certainly the worst retail data breach ever.

In a 10-K filing to the federal SEC (Securities & Exchange Commission), TJX said it didn't know who the intruders were, but it did provide more details about what they say happened that led to the card information of some 46 million consumers to get into unauthorized hands.

The link for this article located at eWeek is no longer available.