News
With 56M cards compromised, Home Depot data breach tops Target's
An investigation has revealed that the custom-built malware deployed at Home Depot was different from that used in the 2013 holiday season breach at Target stores.
September 19, 2014
It's confirmed: The malware attack on payment systems at The Home Depot has resulted in the largest data breach ever.
In a press release yesterday, the company said that data from as many as 56 million payment cards was compromised in an attack on POS systems that lasted from April until September in U.S. and Canadian stores.
An investigation of the breach has revealed that criminals used unique, custom-built malware to evade detection, the release said, contradicting rumors in the press that the malware was the same as that used in the 2013 holiday season breach at Target stores.
Home Depot said it has taken terminals identified with the malware out of service, and has put in place other security enhancements:
The hackers’ method of entry has been closed off, the malware has been eliminated from the company’s systems, and the company has rolled out enhanced encryption of payment data to all U.S. stores. ...
The company’s new payment security protection locks down payment data through enhanced encryption, which takes raw payment card information and scrambles it to make it unreadable and virtually useless to hackers. Home Depot’s new encryption technology, provided by Voltage Security, Inc., has been tested and validated by two independent IT security firms.
The release added that EMV technology will be deployed in all U.S. stores by the end of 2014, and is already in use in Canada.
Despite the breach and the publicity surrounding it, fiscal third quarter sales, including sales in September, are on plan, the company said.
Related Media
SecurityPresented ByDiebold Nixdorf
Subscribe
Get the latest news and resources from ATM Marketplace.
