Home Depot, the highly successful do-it-yourself home improvement retailer with annual revenue of $79 billion from its 2,266 brick-and-mortar stores across the United States, Canada, Puerto Rico, the Virgin Islands, Guam, Mexico, China and 268 international operations, announced on September 8, 2014 that it was the victim of a criminal cyber attack.
The confirmation of the breach came nearly one week after the hackers began selling Home Depot customers’ stolen credit and debit card data on the black market on a website called Rescator. The cyber breach had gone on for numerous months before Home Depot became aware of it, and the company confirmed that the personal information compromised included:
- Customer names
- Credit or debit card numbers
- Expiration dates
- Cardholder “verification value”
- Service Code
It did not include the three or four digit security code on the back of the card.
According to Home Depot’s statement, as many as 56 million cards were at risk, but it also stated that the malware the cyber criminals used to execute the breach has been eradicated from both its Canadian and U.S. networks. It appears that a third-party vendor’s log-in credentials were stolen and then used to gain access to Home Depot’s computer network. Once inside the network, the hackers were able to install malware that retrieved customer payment card information, as well as email addresses.
Apparently these hackers were highly sophisticated, installing never-before-seen malware on the self-checkout registers of the Home Depot stores in the United States and Canada. The custom-made malware was able to evade Home Depot’s network antivirus software, which is what allowed the cyber criminals to install the data-stealing application and obtain the sensitive credit and debit card information of 56 million of the company’s customers.
To add insult to injury, Home Depot had to inform its customers that, in addition to the credit and debit card breach, hackers were also able to access the email addresses of an additional 53 million of its customers. According to Home Depot, the email address breach did not include passwords or other sensitive customer information.
In response to this latest breach, Home Depot is again notifying customers who may have been impacted by the email breach and, in an abundance of caution, offering free credit monitoring protection, although the company told its customers that “in all likelihood this will not impact you.”
However, cyber security experts warn that cyber criminals often use breached email addresses for phishing. The victims receive fake emails that claim to come from Home Depot, or from other vendors that might seem related, and that either ask for personal information or contain links that install malware capable of taking control of the victim’s computer when clicked. Home Depot provided a link for its customers covering common safety practices for preventing identity theft, which is included below in the Links For Affected Customers.
Additional Resources About This Breach:
http://www.usatoday.com/story/money/business/2014/11/06/home-depot-hackers-stolen-data/18613167/
http://krebsonsecurity.com/tag/home-depot-breach/
http://www.wsj.com/articles/home-depot-breach-bigger-than-targets-1411073571
http://www.eweek.com/security/home-depot-breach-expands-privilege-escalation-flaw-to-blame.html