The TJX Companies is offering three years of credit-monitoring services along with identity theft insurance coverage to all consumers whose driver's license or other personal data may have been compromised by the massive data breach disclosed earlier this year by the retail company.

Consumers who had to replace their driver's licenses because of the compromise will also be reimbursed for the actual replacement costs under a proposed consumer class-action settlement announced by the company on Friday.

In addition, individuals whose driver's license or other ID numbers were the same as their Social Security numbers will be reimbursed for "certain losses from identity theft," the company said. Customers who had to change bank and credit card information because of the breach will receive vouchers redeemable in TJX stores in the U.S, Canada and Puerto Rico. As part of its settlement action, sometime next year TJX will hold a one-time, three-day customer appreciation event at which it will offer a 15% discount on all goods.

The settlement is not yet final and is subject to court approval. It is also contingent on an independent evaluation of the information security enhancements implemented by the company in the wake of the breach. TJX did not say how much the proposed settlement would cost. But it noted that the estimated costs were part of its previously announced fiscal 2008 second-quarter charge of $118 million and fiscal 2009 noncash costs of $21 million.

The proposed settlement, which covers all class actions in the U.S., Canada and Puerto Rico, "addresses the different ways customers have told us they have been impacted by the intrusion(s)," TJX CEO Carol Meyrowitz said in a statement. "Importantly, we truly appreciate our customers' continued patronage. TJX has been working diligently to reach a settlement that offers a good resolution for our customers."

The company's statement is available as an "important customer alert" on the main TJX Web page.

TJX is the owner of a number of retail brands, including T.J. Maxx, Marshalls and Bob's Stores. In January, the company announced that someone had illegally accessed one of its payment systems and made off with card data belonging to an unspecified number of customers in the U.S., Canada, Puerto Rico and potentially the U.K. and Ireland. Later, it revealed that the number of cards compromised in the break-in was 45 million, making it the biggest compromise of personal data ever reported.

For more enterprise computing news, visit Computerworld. Story copyright Computerworld, Inc.