Home Depot confirms massive data breach

| September 9, 2014

home depot teaching kids to buildATLANTA — The Home Depot has confirmed that its payment systems were breached by data thieves, potentially victimizing many customers throughout the United States and Canada.

However, the Atlanta Journal Constitution reports the company promised Monday that no one will have to pay for “fraudulent” charges.

Officials of the Atlanta-based giant would not estimate how many customer accounts might have been subject to the data attack. And while the investigation reaches back as far as April, the company did not say how long cyber-criminals had access to Home Depot systems.

A cyber-security expert reported earlier Monday that the Home Depot data breach had been carried out with the same “malware” used previous by cyber-thieves to pilfer consumer data from Target.

At least some of Home Depot’s store registers were infected with a variation of something called BlackPOS or Kaptoxa, software designed to steal data from credit and debit cards when they are swiped through register systems running Microsoft Windows, according to Brian Krebs, who writes about data security.

That similarity of software “adds another indicator that those responsible for the as-yet unconfirmed breach at Home Depot also were involved in the December 2013 attack on Target that exposed 40 million customer debit and credit card accounts,” Krebs wrote on his web site.

BlackPOS was found on the Target systems at Target last year.

Krebs wrote Monday that the new information came from sources close to the investigation of the Home Depot data breach.

Publix issues bagel recall after glass, stone found
Vigil Held in Morven; Red Cross Campaign; Female Firefighter in Madison
Filed in: News, Regional News

Comments are closed.