Six out of the seven financial institutions affected by the theft of customer data from The TJX Companies have agreed to the group's settlement terms.

The seven banks and bankers associations had sued cut-price retail group TJX after millions of customer records were stolen by hackers who got hold of the details of Visa card-holders.

But under the terms of the deal, TJX has denied all wrongdoing, reaching a financial settlement with the Massachusetts Bankers Association, Connecticut Bankers Association and the Maine Association of Community Banks, along with Eagle Bank, Saugusbank and Collinsville Savings Society.

The agreement comes after TJX reached an earlier US$40.9m settlement with Visa USA Inc and Visa Inc, with payments to be made by 27 December.

"It has been almost one year since TJX discovered that our computer system had been criminally attacked," said TJX president and CEO Carol Meyrowitz.

"In that time, we have further strengthened our security and achieved full compliance with the Payment Card Industry Data Security Standards."

She added: "The TJX experience underscores broader challenges facing the US payment card system that require urgent action by merchants, banks, payment card companies and associations, and we look forward to greater co-operation in order to better serve and protect customers."

The records of at least 45.7m customers were stolen from databases in 2005 and 2006. 

At risk was data from the company's TJ Maxx, Marshalls, HomeGoods and AJ Wright divisions in the US and Puerto Rico, as well as its Winners and HomeSense chains in Canada, and its TK Maxx operation in the UK and Ireland.