Breach at Home Depot Affects 56 Million Cards

By Joe Rizzo September 19, 2014

I think that it is safe to say that after last holiday season’s raid on credit and debit card information from stores such as Target made everyone wonder just how secure information is. You would also expect, at least I would, that after hearing about how many people were affected that all large retail stores would have ramped up security to the point where you would want to use cash simply because it is quicker.

Apparently, my expectations are a bit on the high side. Just yesterday, September 18, 2014, Home Depot, the nation's largest home improvement retailer, disclosed they were subject to a data breach. What should concern everyone is that this breach lasted for several months. In fact, it lasted this year from April to the beginning of this month. What I find disconcerting is the fact that Home Depot mentioned this on September 2; however, several financial institutions reported that they were receiving alerts from Visa and MasterCard concerning specific credit and debit cards compromised in this breach from Home Depot’s cash registers up until Sept. 7. Considering that the date is five days after Home Depot announced the news; how was this happening?

Information was taken from 56 million credit and debit cards, which far exceeds last year’s Target attack. Believe it or not, back in 2007 there was an even larger incident at TJX Companies that documented 90 million records being compromised. Again, you would think that shoppers would be concerned, but if you look at the records, sales and profits did not fall. John Kindervag, vice president and principal analyst at Forrester Research, said "This is a massive breach and a lot of people are affected. Home Depot is very lucky that Target happened because there is this numbness factor."

It is almost like people expect it to happen, but are willing to take the risk and not worry about. Although Home Depot is assuring its customers that the malware used in the breach has been eliminated from its U.S. and Canadian stores, as a long time shopper I’m still quite concerned.

In a statement, Home Depot said, “To protect customer data until the malware was eliminated, any terminals identified with malware were taken out of service and the company quickly put in place other security enhancements. The hackers’ method of entry has been closed off, the malware has been eliminated from the company’s systems, and the company has rolled out enhanced encryption of payment data to all U.S. stores. Home Depot’s new encryption technology, provided by Voltage Security, Inc., has been tested and validated by two independent IT security firms. The encryption project was launched in January 2014. The rollout was completed in all U.S. stores on Saturday, September 13, 2014. The rollout to Canadian stores will be completed by early 2015.”

If you notice the dates in this statement, you will see the reported incidence occurred during the time of the roll out of the new system. Does that give anyone reason to pause? It does seem that customers appear to be growing used to these breaches, considering a string of them this past year, which also included at Michaels, SuperValu and Neiman Marcus.

As a closing comment, Home Depot's chairman and CEO, Frank Blake, said "We apologize to our customers for the inconvenience and anxiety this has caused and want to reassure them that they will not be liable for fraudulent charges. From the time this investigation began, our guiding principal has been to put our customers first and we will continue to do so."

Home Depot might have benefited from not making a disclosure of the breach until the spring and summer seasons were over. This is typically the busiest time of year for home improvement. Timing is everything!

Edited by Maurice Nagle

TechZone360 Contributing Writer

Related Articles

Consumer Privacy in the Digital Era: Three Trends to Watch

By: Special Guest    1/18/2018

Digital advertising has exploded in recent years, with the latest eMarketer data forecasting $83 billion in revenue this year and continued growth on …

Read More

CES 2018: Terabit Fiber - Closer Than We Think

By: Doug Mohney    1/17/2018

One of the biggest challenges for 5G and last mile 10 Gig deployments is not raw data speeds, but middle mile and core networks. The wireless industry…

Read More

10 Benefits of Drone-Based Asset Inspections

By: Frank Segarra    1/15/2018

Although a new and emerging technology, (which is still evolving), in early 2018, most companies are not aware of the possible benefits they can achie…

Read More

VR Could Change Entertainment Forever

By: Special Guest    1/11/2018

VR could change everything from how we play video games to how we interact with our friends and family. VR has the power to change how we consume all …

Read More

Making Connections - The Value of Data Correlation

By: Special Guest    1/5/2018

The app economy is upon us, and businesses of all stripes are moving to address it. In this age of digital transformation, businesses rely on applicat…

Read More