Home Depot Investigates a possible Credit Card Breach
[Only registered and activated users can see links. ]Home Depot Investigates a Possible Credit Card Breach
Home Depot said on Tuesday that it was investigating a report that customer credit and debit card data was stolen from its systems and put up for sale online.
The retailer issued a statement after Brian Krebs, an independent security reporter, said that [Only registered and activated users can see links. ] as the potential source of a large data breach. The company said it was working with law enforcement authorities and banks on the matter.
“Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers,” said Paula Drake, a company spokeswoman. “If we confirm that a breach has occurred, we will make sure customers are notified immediately.”
If a breach is confirmed, Home Depot will be the latest target in a recent string of hacking attacks against major companies, after Target, Neiman Marcus, Michaels, Sally Beauty, P. F. Chang’s and UPS. Those companies said criminals had installed malicious software on their systems that siphoned customers’ payment information. The hackers who broke into the systems are believed to belong to the same crime ring in Eastern Europe.
The number of customers affected by the breaches amounts to more than one-third of the American population.
In July, the Homeland Security Department and the Secret Service issued a report warning retailers to check their in-store cash register systems for a set of malware that could evade detection of antivirus products. The Secret Service estimated that over 1,000 businesses had been infected by the software, which security researchers called [Only registered and activated users can see links. ].
Mr. Krebs [Only registered and activated users can see links. ] the potential infiltration of Home Depot’s customer data might have begun as early as May. That could make a Home Depot breach even bigger than that of Target, which began in November and [Only registered and activated users can see links. ].
In that breach, Target said hackers had stolen credit or debit card information from about 40 million customers. The company also said criminals had stolen other pieces of personal information, like email and mailing addresses, from about [Only registered and activated users can see links. ].
In the attack against Target, data from the magnetic strips of stolen credit cards was sold online on sites like Rescator, a so-called carding site, for $18 to $40 a card.
After an internal review, Target acknowledged that it had ignored warning signs of a potential infiltration last year. The retailer’s security software had sounded multiple alarms as criminals uploaded the malware onto its systems.
I was listening to the radio while taking my daughter to school this morning and they stated that anyone who used their credit or debit card between April 2014 and August 2014 would be affected. The card numbers are being sold today. It's very scary because I go to Home Depot quite a lot.