Home Depot reveals 56m customers were hit in data hack

19 Sep 2014

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

The DIY retailer Home Depot has admitted that as many as 56m customers in the US and Canada may have been affected by a data hack.

Security news website Krebs on Security says the revelation officially makes the incident the largest retail card breach on record.

Earlier this month, it was discovered information had been obtained by a group or individual. The data was then made available for sale online to the highest bidder.

In a statement released yesterday, Home Depot revealed the perpetrators used custom-built malware to evade detection. The company has since completed a security project that provides enhanced encryption in its US stores, with Canadian outlets to follow suit by early 2015.

“To protect customer data until the malware was eliminated, any terminals identified with malware were taken out of service, and the company quickly put in place other security enhancements,” the firm wrote. 

“The hackers’ method of entry has been closed off, the malware has been eliminated from the company’s systems, and the company has rolled out enhanced encryption of payment data to all US stores.”

The incident tops last December’s data breach of US retailer Target, when some 40m credit and debit card details were compromised.

Home Depot store image via Shutterstock

Dean is a freelance journalist and editor covering media.

editorial@siliconrepublic.com