Hackers steal millions of email addresses, credit card data at Home Depot
07 Nov 2014
Hackers stole 53 million email addresses in addition to customers' card data, Home Depot, AP reported.
The company had disclosed the massive, months-long breach of 56 million debit and credit cards in September.
The breach at the largest home improvement chain in the US surpassed the data theft at Target involving 40 million credit and debit cards around Christmas 2013.
Since late last year, Michaels, SuperValu and Neiman Marcus had also been among a number of retailers that reported breaches, though they were smaller.
While shoppers appeared to have taken the attacks in their stride, the breaches had forced changes in retailing.
The breach at Target prompted banks, retailers and card companies to ratchet up security by speeding the adoption of microchips in US credit and debit cards, which, according to supporters were more secure.
Home Depot reiterated that it would activate chip-enabled checkout terminals at all of its US stores by the end of the year.
Home Depot said the file containing the email addresses did not contain passwords or other sensitive personal information. It added however, that customers needed to guard against phishing scams. Phishing attacks are sent through texts or emails and seek to trap users into disclosing personal information.
Meanwhile, Home Depot yesterday revealed that it was all set to activate the microchip technology at all its US stores by the end of the current year, BetaWired reported.
It said affected customers were being notified in the US and Canada.
Explaining the breach execution, the company said the hackers accessed the company's network system in April using a third-party vendor's username and password and stole the data by using a malware that was installed on self-account systems in Canada as well as the US. The attack at Target had been conducted using the same modus operandi.
According to Home Depot, it was collaborating with law enforcement to improve its security in order to avoid any future intrusions.