Home Depot Security Breach More Severe than Target's; 56 million cards at risk

By Julian Burrell| Sep 19, 2014

Earlier this month it was reported that Home Depot discovered a cyber-attack against their security system. Today the extent of the damage has been revealed as the company has said that 56 million credit cards' payment information has been compromised. 

This makes Home Depot the latest victim of customer data loss in a year that included popular consumer chains such as Albertson's, Michaels, Neiman Marcus, P.F. Chang's, SuperValu and, perhaps most infamously, Target.

Home Depot is attributing the breach to malicious software and says that it has been contained and eliminated. The point-of-sale terminals that were infected by the malware have also been taken out of service. In the place of the original terminals will be machines that accept more secure chip-enabled EMV.

Per Fox News, company CEO Frank Blake said, "We apologize for the anxiety this causes our customers, and I want to thank them for their patience and support as we work through this issue."

The malware was apparently custom-designed to avoid being detected by firewalls and technical research. While earlier reports claimed that the same software had been used in earlier breaches in other companies, Home Depot denies this.

The malware was placed on stores point-of-sale terminals and cash registers between April and September. Stores in the United States and Canada were all affected, but stores in Mexico were not under threat.

On Sept. 2 an underground website that has a history of trafficking stolen financial information posted the credit card information from Home Depot for sale. This was what initially alerted the company to the breach.

Home Depot said that they have now developed, "significant new protection for customers," in statement released Thursday which cost around $62 million to install. These new security measures include credit monitoring and free identity protection services and will be available to anyone who used a payment card at a Home Depot store beginning in April 2014.

This is the latest incident in a familiar scenario from earlier this year when Target faced a similar breach of security. This situation is larger than that one as only 40 million credit and debit accounts were compromised over the course of three-weeks

Home Depot has announced that there is "no evidence that debit PIN numbers were compromised." 

The U.S. Secret Service is handling the investigation for Home Depot to determine the scope and severity of the hack.

Latest News