Home Depot Confirms 56 Million Payment Cards

Home Depot says 56 million payment cards affected by data breach.

hdhack

From the Home Depot Website
On Sept. 8, we confirmed that our payment data systems were breached, which could potentially impact customers who used a payment card at our U.S. and Canadian stores in 2014, from April to September. Today, we are able to tell you that the malware used in the recent breach has been eliminated from our U.S. and Canadian networks.

We also want you to know that we have completed a major payment security project that provides enhanced encryption of payment card data at point of sale in our U.S. stores, offering significant new protection for customers. The rollout of enhanced encryption to Canadian stores will be completed by early 2015. Canadian stores are already enabled with EMV “Chip and PIN” technology.

We apologize for the frustration and inconvenience this breach may have caused.

We also want to emphasize that you will not be liable for any fraudulent charges to your accounts, and we’re offering free identity protection services, including credit monitoring, to any customer who has shopped at a Home Depot store in 2014, from April on.

You can learn more about the identity protection services and how to sign up for them at https://homedepot.allclearid.com/.

I, just signed up with allclearid.com and it literally takes seconds. They ask for your name and email.

register_storybody

From Krebs:
The malicious software that unknown thieves used to steal credit and debit card numbers in the data breach at Home Depot this year was installed mainly on payment systems in the self-checkout lanes at retail stores, according to sources close to the investigation.

This entry was posted in Security Blog and tagged , , , , . Bookmark the permalink.