TK Maxx highlights database risks, sends warning to UK National Identity Register Project

Imperva raised concerns that the rising number of database related security breaches in the US might soon affect major UK database projects like the Government’s National Identity Register (NIR) scheme.

Database vulnerabilities are reported to have been at the heart of several recent high profile incidents in the US, especially among online banking and other financial institutions. In the recent case of discount retailer TJX, owner of UK retailer TK Maxx, hackers were able to steal millions of payment card details. There is mounting concern that the trend towards database vulnerabilities and misconfigurations being specifically targeted by hackers for financial gain may soon come to the UK.

“Under US disclosure laws firms are obliged to go public when there has been a serious breach of security,” says Jonathan Mepsted, Imperva’s managing director for EMEA. “In the UK and the rest of Europe there are no such laws. “We can only suspect that such incidents are equally commonplace over here,” he continues, “but we just do not hear about them. This is why it is imperative the UK Government is seen to be doing all it can to implement the technology, policies and practices to eliminate database security risks.”