Home Depot Data Breach: 56 Million Payment Cards Compromised

Blog post image

Home Depot announced this week that 56 million credit and debit cards are believed to have been compromised in what is now the largest retail data breach history.

Morgan & Morgan's attorneys are investigating potential lawsuits against Home Depot on behalf of consumers whose personal and financial information may have been compromised in the data breach. Contact us today to learn more.

The company’s investigation of the data breach began on September 2, the same day news was released by Brian Krebs on his website{: target="_blank"} of a months-long attack on Home Depot’s computer systems. According to Forbes, Home Depot officially confirmed the breach on September 8, with an announcement two weeks later that the offending malware on the company’s systems had been totally removed.

“We apologize to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges,” Home Depot chairman and CEO Frank Blake said.

Although, at the time, Home Depot said the malware used to steal customers’ personal financial information was “unique” and “custom-built,” cyber security experts with knowledge of the investigation into the breach say it was the same malicious software used by hackers during the Target data breach in late 2013.

According to estimates, the largest retail data breach in history has cost Home Depot roughly $62 million thus far. With insurance coverage, the company said, it could be reimbursed about $27 million.

The unpleasant honor of owning the “largest data breach in history” had previously belonged to Target, the computers systems of which were attacked between November 27 and December 15, 2013. Reports indicated that approximately 40 million customers could have been affected by the Target breach, but other reports suggested that as many at 110 million shoppers’ financial accounts could have been compromised.

To prevent a data breach of this magnitude from happening again, Home Depot said it has “rolled out enhanced encryption of payment data” to all U.S. stores, a project the company said was started months before the data breach occurred. Furthermore, Home Depot said it will have EMV “Chip and Pin” technology in all of its stores nationwide by the end of this year, months before the retail industry’s 2015 deadline for all companies to beef up their cyber security measures.

By Staff