New details unfold regarding the Home Depot data breach. Is it the biggest one ever?

With nearly 2,200 store locations, Home Depot is one of the largest retailers in the United States and Canada.

The home improvement 'big-box store' is known for being the destination for everything from paint and hand tools to cement mixers and lumber to satisfy an endless array of home projects both for DIY homeowners and professional contractors alike.

Home Depot confirmed on Monday that hackers have broken into their in-store payment systems and, similar to the Target hacker breach this past holiday season, have been the victim of a credit card information breach. If the final estimate count of those affected proves to be correct it will be the largest known breach of a retail company's computer network to date.

While the exact number of those affected is still being determined, it has been said that the final count could top 60 million. When Target was hacked during the 2013 holiday season, the number of those affected was closer to 40 million.

Unlike the Target breach however, this breach wasn't just limited to a few weeks but, rather, closer to a five month period starting in April and lasting up until early last week.

While Home Depot has not yet confirmed final details, they have stated that they would offer free identity protection and credit-monitoring services to any customer who believes that they might have been affected after shopping at one of their many stores. It was stated that those who shopped for Home Depot products via HomeDepot.com were not among those affected.

"Any organization connected to the debit and credit card ecosystem faces constant and evolving threats," said Sandy Kennedy, president of the Retail Industry Leaders Association. "The public and private sector must continue to work together to improve debit and credit card security, identify threats and share information to best defend against cyberattacks."

While it is still unconfirmed who is behind the Home Depot security breach, security experts believe that the same Eastern European group behind the Target attack is responsible.

The attack was first reported by security blogger Brian Krebs, an industry expert who is known for reporting on such attacks first on his blog KrebsOnSecurity.

"The apparent credit and debit card breach uncovered last week at Home Depot was aided in part by a new variant of the malicious software program that stole card account data from cash registers at Target last December, according to sources close to the investigation." Said Krebs.

"A source close to the investigation told this author that an analysis revealed at least some of Home Depot's store registers had been infected with a new variant of "BlackPOS" (a.k.a. "Kaptoxa"), a malware strain designed to siphon data from cards when they are swiped at infected point-of-sale systems running Microsoft Windows."

While final details are still unfolding, the hack is shaping up to be an attack not just on retailers but also the United States.

If you shopped at a Home Depot store between April 2014 and September 2014, it is recommended that you contact your bank and refer to this site from the FCC in an effort to help monitor suspicious activity.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics