This year's large security breach at TJ Max was in the spotlight of much attention from its customers, from security professionals, and from the media in general. The common consensus was that this incident would cost TJ Max a lot of money and hit its share holders just as hard.

I just read a post over at web application security lab blog, in which they publish a new vulnerability that they found in the web site of the store.

As if that wasn't shocking enough; the post continues with the observation that the breach does not seem to have any significant impact on the stock's value. Not only did the stock recover all that it lost, it is even higher than directly after the breach became public knowledge.
As RSnake points out: this will not make selling information security easier; even after a highly publicized breach and the following loss of confidence, the stock is already up less than a few months later.