Breach at Home Depot Affects 56 Million Cards

By

I think that it is safe to say that after last holiday season’s raid on credit and debit card information from stores such as Target made everyone wonder just how secure information is. You would also expect, at least I would, that after hearing about how many people were affected that all large retail stores would have ramped up security to the point where you would want to use cash simply because it is quicker.

Apparently, my expectations are a bit on the high side. Just yesterday, September 18, 2014, Home Depot, the nation's largest home improvement retailer, disclosed they were subject to a data breach. What should concern everyone is that this breach lasted for several months. In fact, it lasted this year from April to the beginning of this month. What I find disconcerting is the fact that Home Depot mentioned this on September 2; however, several financial institutions reported that they were receiving alerts from Visa and MasterCard concerning specific credit and debit cards compromised in this breach from Home Depot’s cash registers up until Sept. 7. Considering that the date is five days after Home Depot announced the news; how was this happening?

Information was taken from 56 million credit and debit cards, which far exceeds last year’s Target attack. Believe it or not, back in 2007 there was an even larger incident at TJX Companies that documented 90 million records being compromised. Again, you would think that shoppers would be concerned, but if you look at the records, sales and profits did not fall. John Kindervag, vice president and principal analyst at Forrester Research, said "This is a massive breach and a lot of people are affected. Home Depot is very lucky that Target happened because there is this numbness factor."

It is almost like people expect it to happen, but are willing to take the risk and not worry about. Although Home Depot is assuring its customers that the malware used in the breach has been eliminated from its U.S. and Canadian stores, as a long time shopper I’m still quite concerned.

In a statement, Home Depot said, “To protect customer data until the malware was eliminated, any terminals identified with malware were taken out of service and the company quickly put in place other security enhancements. The hackers’ method of entry has been closed off, the malware has been eliminated from the company’s systems, and the company has rolled out enhanced encryption of payment data to all U.S. stores. Home Depot’s new encryption technology, provided by Voltage Security, Inc., has been tested and validated by two independent IT security firms. The encryption project was launched in January 2014. The rollout was completed in all U.S. stores on Saturday, September 13, 2014. The rollout to Canadian stores will be completed by early 2015.”

If you notice the dates in this statement, you will see the reported incidence occurred during the time of the roll out of the new system. Does that give anyone reason to pause? It does seem that customers appear to be growing used to these breaches, considering a string of them this past year, which also included at Michaels, SuperValu and Neiman Marcus.

As a closing comment, Home Depot's chairman and CEO, Frank Blake, said "We apologize to our customers for the inconvenience and anxiety this has caused and want to reassure them that they will not be liable for fraudulent charges. From the time this investigation began, our guiding principal has been to put our customers first and we will continue to do so."

Home Depot might have benefited from not making a disclosure of the breach until the spring and summer seasons were over. This is typically the busiest time of year for home improvement. Timing is everything!




Edited by Maurice Nagle
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

TechZone360 Contributing Writer

SHARE THIS ARTICLE
Related Articles

How to Protect Your Website From LDAP Injection Attacks

By: Contributing Writer    3/12/2024

Prevent LDAP injection attacks with regular testing, limiting access privileges, sanitizing user input, and applying the proper encoding functions.

Read More

Azure Cost Optimization: 5 Things You Can Do to Save on Azure

By: Contributing Writer    3/7/2024

Azure cost optimization is the process of managing and reducing the overall cost of using Azure. It involves understanding the resources you're using,…

Read More

Massive Meta Apps and Services Outage Impacts Users Worldwide

By: Alex Passett    3/5/2024

Meta's suite of apps and services are experiencing major global outages on Super Tuesday 2024.

Read More

The Role of Technology in Shaping the Future of Affiliate Marketing

By: Contributing Writer    3/5/2024

In the current rapidly growing digital world, affiliate marketing is still one of the most effective ways for businesses to increase their visibility …

Read More

The Steps You Can Take To Improve Customer Service For Your Business

By: Contributing Writer    3/5/2024

When you're in a competitive market, providing exceptional customer service is crucial for the success and growth of your business. Good customer serv…

Read More