Home Depot confirms massive data breach with potential unauthorised access of credit card details of to 56 million customers
September 24, 2014 |
Home Depot’s announcement of a massive data breach highlights the need for proper data security. The announcment of the cause of the breach was made by press release on 18 September 2014. Home Depot made public the breach on 2 September (see earlier reportage here) but had been aware of it for several months. As a consequence of the breach Home Depot is reportedly offering identity protection.
The results of the investigation are:
The investigation into a possible breach began on Tuesday morning, September 2, immediately after The Home Depot received reports from its banking partners and law enforcement that criminals may have breached its systems. Since then, the company’s IT security team has been working around the clock with leading IT security firms, its banking partners and the Secret Service to rapidly gather facts, resolve the problem and provide information to customers. The company’s ongoing investigation has determined the following:
- Criminals used unique, custom- built malware to evade detection. The malware had not been seen previously in other attacks, according to Home Depot’s security partners.
- The cyber-attack is estimated to have put payment card information at risk for approximately 56 million unique payment cards.
- The malware is believed to have been present between April and September 2014.To protect customer data until the malware was eliminated, any terminals identified with malware were taken out of service, and the company quickly put in place other security enhancements. The hackers’ method of entry has been closed off, the malware has been eliminated from the company’s systems, and the company has rolled out enhanced encryption of payment data to all U.S. stores.
[…] Home Depot confirms massive data breach with potential unauthorised access of credit card details of… […]