Millions of customers could be affected by Home Depot data breach
Marley Jay THE ASSOCIATED PRESS
Published September 9, 2014 - 10:35am
Last Updated September 9, 2014 - 10:45am
More than 2,000 Home Depot stores have been hacked, potentially exposing
millions of customers information in the security breach. (MARK
HUMPHREY / AP)
Shares of Home Depot sank before the opening bell Tuesday after
confirming that its payment systems had been hacked, potentially
exposing millions of shoppers who used credit and debit cards at its
more than 2,000 U.S. and Canadian stores.
The breach could turn out to be one of the biggest in history. Home
Depot did not say how many cards might be affected, but the largest U.S.
home improvement chain did say late Monday that its investigation into
the breach goes as far back as April.
The news comes nearly a week after a website that focuses on
cybersecurity reported on Tuesday a possible hack of Home Depot’s data.
The company said later that day that it was investigating the potential
breach.
“We apologize for the frustration and anxiety this causes our
customers, and I want to thank them for their patience and support as we
work through this issue,” Chairman and CEO Frank Blake said in a press
release.
Home Depot is the latest retailer to have a data breach. Others
include Target, luxury retailer Neiman Marcus, grocer Supervalu,
restaurant chain P.F. Chang’s and the thrift store operations of
Goodwill.
In December, Target Corp. disclosed a massive data breach that was
the second-largest in history, resulting in the theft of 40 million
debit and credit card numbers and the potential exposure of personal
information of up to 70 million shoppers.
Forrester Research analyst John Kindervag said the Home Depot breach
could affect similar numbers of shoppers or cards, noting that months’
worth of data may have been compromised.
“From what I’m hearing, people think this will be as big as Target or
bigger,” he said in a telephone interview with The Associated Press.
The retail breaches have rattled shoppers’ confidence at a time when
privacy concerns are high. It’s also increased pressure on retailers to
increase security so that customers can feel safe that their personal
data is secure when they’re out shopping.
Retailers, banks and card companies have responded to the breaches by
speeding the adoption of microchips in U.S. credit and debit cards.
That technology helps makes transactions more secure.
Home Depot, which said malware was used in the hack, has announced
that it plans to have chip-enabled checkout terminals at all of its U.S.
stores by the end of this year.
In the meantime, the Atlanta company said its IT department also is
looking into the breach and is working with outside firms, its banking
partners, and the U.S. Secret Service. It added that customers will not
be held responsible for fraudulent charges to their accounts.
The possible breach at Home Depot was first reported by Brian Krebs
of Krebs on Security. Krebs said multiple banks reported “evidence that
Home Depot stores may be the source of a massive new batch of stolen
credit and debit cards.”
If Target’s breach is any indication, the fallout from the Home Depot breach could be severe.
The Target hack cost the company hurt the company’s profit and
revenue. Target’s chief information officer and CEO both stepped down in
the months after the hack.
“I would think if you’re a member of the board of directors, somebody
has to be the sacrificial lamb for this,” Kindervag, the Forrester
analyst, said about Home Depot’s breach.
Home Depot already has had some fallout. Its shares fell 41 cents to $90.41 in premarket trading Tuesday.
Before the potential breach was announced, Home Depot said in August
that Blake would step down as CEO on Nov. 1. He will be replaced by
Craig Menear, president of the company’s U.S. retail operations.
end quote from:
This is exactly the kind of attack you would expect to see from a nation like Russia or China upon the U.S. now. It also could be criminals in nations where there is no punishment ever for doing this. (other nations like China and Russia where this isn't a crime to attack the U.S. through the Internet).
