The Home Depot investigates possibility of massive data breach

Reports are out that a new batch of stolen credit and debit cards hit the cybercrime underground on Tuesday, with multiple banks confirming that The Home Depot stores may be the source.

Screen Shot 2014-09-02 at 2.57.30 PM
Credit: The Home Depot

Home improvement retailer The Home Depot may be the latest target of the massive Russia-based hacker ring hitting US businesses.

must read

How Amazon's Whole Foods purchase could solve its grocery supply chain puzzle

The $13.7 billion deal marks a turning point in Amazon's strategic efforts when it comes to cracking the $600 billion grocery market.

As first reported on the website of cybersecurity journalist Brian Krebs, a new batch of stolen credit and debit cards hit the cybercrime underground on Tuesday, and multiple banks confirmed that The Home Depot stores may be the source.

Paula Drake, a spokesperson for the retail chain, confirmed that the company is actively investigating the possible breach with its banking partners and law enforcement:

"Protecting our customers' information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers," Drake told Krebs in a prepared statement. "If we confirm that a breach has a occurred, we will make sure customers are notified immediately. Right now, for security reasons, it would be inappropriate for us to speculate further – but we will provide further information as soon as possible."

Even without official confirmation of the breach, there is speculation that it could be many times larger than the one that hit Target last year , as The Home Depot has some 2,200 stores in the US and nearly 300 in other countries, and early analysis suggests all of the stores were affected.

Since late 2013, data breaches at US businesses have become all too common. Albertson's, Target, Michaels, Neiman Marcus , Sally Beauty, P.F. Chang's and SuperValu have all experienced significant breaches believed to stem from a group of Russian and Ukranian hackers. 

Most recently, the group is said to have stolen more than 1.2 billion Internet credentials — including usernames and passwords — with more than 500 million email addresses. In that case, however, most of the IDs exploited were used for sending spam on social networks, rather than illegal spending and selling on the black market.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All