Home Depot: 56 million payment cards affected by cyberattack

Home Depot said it has added better encryption software and replaced 85,000 PIN pads following the attack that started in April.
Written by Larry Dignan, Contributor

Home Depot said Thursday that 56 million payment cards were affected by a malware attack that started in April.


In a statement, Home Depot said that it completed its investigation and added enhanced encryption at point of sale terminals in its U.S. stores. Enhanced encryption will be complete in early 2015. Home Depot's encryption technology was provided by Voltage Security and tested by independent firms.

Home Depot also added that its third quarter sales are in line with its previous outlook for growth of 4.8 percent.

For reference, Target said that as many as 70 million payment cards may have been affected by the attack it faced in its final tally. 

The company said that its investigation found that criminals used "unique, custom-built malware to evade detection." That malware had not been used in other recent attacks.

Home Depot said terminals affected by the malware were taken out of service until the malware was removed. Home Depot also rewrote "tens of thousands of lines" of code and deployed 85,000 new PIN pads.

According to Home Depot, debit PIN numbers weren't compromised.


Editorial standards