Home Depot Confirms POS Security Breach, Customer Data at Risk

On Monday, Home Depot confirmed what many of its customers already feared: the home improvement retailer was breached through its POS system, putting the credit information of its millions of customers at risk.

Rumors of a breach started last Sunday, when security reporter Brian Krebs reported that several banks suspected Home Depot to be the source of many stolen credit and debit card numbers that were flooding the black market.

Then, on Tuesday, Home Depot announced that it was investigating unusual activity surrounding customer payment cards. Now that the breach is confirmed, Home Depot warns that anyone who made a card purchase in a US store since April may be at risk for fraud.

In a statement posted to their website, Home Depot announced that “We want you to know that we have now confirmed that those systems have in fact been breached, which could potentially impact any customer that has used their payment card at our U.S. and Canadian stores, from April forward.”

Fortunately, it added, there’s no indication that customers who shopped online or in the company’s Mexico stores were affected by the breach. It also went on to apologize for “frustration and anxiety” experienced by Home Depot customers as a result of fraud concerns.

Customers will not be held responsible for any fraudulent charges that may occur following the Home Depot breach.

Krebs, who broke the story, believes that Home Depot may have fallen victim to a new form of malware called BlackPOS that also attacked Target’s systems last year. The Target hack resulted in the theft of card numbers from 40 million customers and personal information from 70 million customers.

Home Depot has yet to reveal what information was taken in the breach, though it did announce that debit card PIN numbers seemed to be safe. According to a source reporting to the The New York Times, it’s possible that more than 60 million cards were exposed.

Home Depot joins several retailers and restaurants who’ve been victimized by cyberattacks through their POS systems, including Michaels, Neiman Marcus, and PF Chang’s.

Leave a Reply

Your email address will not be published. Required fields are marked *