It seems that security breaches are getting worse. Not long after the Nationwide disaster, the full extent of the breach suffered by US retailer TJX, parent company of TK Maxx in the UK, has become clear.
The company has admitted, a full two months after hinting that some kind of breach might have taken place, that "at least" 45.7 million global customer details have been compromised.
The data was accessed by hackers on TJX's systems in Watford, Hertfordshire, and Massachusetts over a 16-month period from July 2005 and covers transactions made by credit and debit card dating as far back as December 2002.
Luckily, TJX reckons at least three-quarters of the affected cards had expired or data had been masked. A spokesperson for UK banking association APACS told the media that the security compromise was "massive" and on a previously unheard-of scale.
TJX has been understandably coy about revealing what security measures were in place. Although initial speculation focused on encryption technology having been compromised through hackers gaining access codes for the software, no official comment has been forthcoming.
Irrespective of the technicalities of how the hackers compromised the company's systems, the incident stands as a salutary lesson to all businesses, from global brands to SMEs. The full impact of the incident on sales remains to be seen, but it's a fair bet that at least a few of those 45.7 million people will think twice before handing over their plastic to TJX again.
This may not have been the best time for UK retailer Matalan to announce its plan to offshore its core IT systems to India and Poland, including point-of-sale, stock control and replenishment, merchandising and finance applications.
Although TJX has managed to bag the biggest breach award, there are plenty of prizes left. UK broadband provider Bulldog lost private details on 100,000 customers.