US Home Depot investigating possible data breach

By

Banks reportedly trace stolen cards to retailer.

US retailer Home Depot is working with law enforcement to investigate "unusual activity" related to customer data after a security researcher reported the chain appeared to the source of stolen credit and debit cards on sale in the black market.

US Home Depot investigating possible data breach

A spokesperson for the company confirmed the investigation but said it was too early to ascertain whether a large-scale breach had occured.

"At this point, I can confirm that we’re looking into some unusual activity and we are working with our banking partners and law enforcement to investigate," Home Depot representative Paula Drake said.

"If we confirm that a breach has occurred, we will make sure customers are notified immediately."

Infosec expert Brian Krebs reported on his website yesterday that multiple banks had seen evidence that Home Depot may be the source of the up-for-sale stolen cards. 

Krebs said his preliminary analysis indicated the problem could affect all of Home Depot's 2200 stores in the United States. He said several banks he contacted believed the breach could extend back to April or May of this year.

"If that is accurate - and if even a majority of Home Depot stores were compromised - this breach could be many times larger than Target," Krebs wrote.

In the Target breach, which hit the retailer during the important year-end holiday shopping season, hackers stole at least 40 million payment card numbers and 70 million other pieces of customer data.

The incident cost the company hundreds of millions of dollars, several executives and prompted numerous investigations. 

Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?