Home Depot investigates possible payment card breach

Share this article:
SUPERVALU, AB Acquisition announce payment card breaches at grocery chains
Brian Krebs reported on Tuesday that the breach could have impacted all 2,200 Home Depot stores, and may have dated back to late April or early May.

Home Depot is the latest retailer to begin investigating a possible data breach.

“At this point, I can confirm that we're looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” according to a statement emailed to SCMagazine.com on Tuesday by Paula Drake, a Home Depot spokesperson.

Citing his correspondence with several banks, Brian Krebs reported on Tuesday that a large number of payment cards recently made available for purchase on an underground marketplace may be tied to Home Depot stores. While it is unclear, initial analysis indicates the breach could have impacted all 2,200 Home Depot stores in the country, and may have dated back to late April or early May, Krebs wrote.

“Protecting our customers' information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers,” according to the Home Depot statement. “If we confirm that a breach has occurred, we will make sure customers are notified immediately. Right now, for security reasons, it would be inappropriate for us to speculate further.”

Compromising only a single point-of-sale (POS) device can enable an attacker to gain access to a retailer's infrastructure and steal payment card data, Nick Levay, CSO at Bit9, told SCMagazine.com in a Tuesday email correspondence.

“Typically, most organizations rely on traditional anti-virus to protect endpoint devices,” Levay said. “The strategy of blocking only what's known to be bad has hit a brick wall, and the paradigm needs to be flipped. A more effective way of [securing] endpoint devices is to ensure that only known good can run. This is most often called default-deny or whitelisting.”

These types of incidents tend to go on undetected for so long due to a lack of visibility and “eyes on the glass,” Levay said, adding, “You've got to be collecting the right telemetry, and you've got to have analysts tracking change to the environment and monitoring alerts.”

On Tuesday, Home Depot shares fell about 2 percent to $91.15.

UPDATE: Home Depot has been working with Symantec and FishNet Security as part of an ongoing investigation, according to a Wednesday statement emailed to SCMagazine.com by Paula Drake, a Home Depot spokesperson. "It's important to note that in the event we determine there has been a data breach, our customers will not be responsible for any possible fraudulent charges," according to the statement, which goes on to add, "We will also offer free identity protection services, including credit monitoring, to any potentially impacted customers."

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Adobe exploit used to spread Dyre credential stealer

Adobe exploit used to spread Dyre credential stealer

Users running vulnerable Adobe software could be in danger of having credentials for Bitcoin websites stolen.

Staples is investigating a potential issue involving credit card data

Staples is investigating a potential issue involving credit ...

The company said it is investigating a potential issue involving credit card data and that customers are not responsible for fraudulent activity on cards if an issue is discovered.

Skills set a priority over legacy prejudices, experts say

Skills set a priority over legacy prejudices, experts ...

Cybersecurity expert Winn Schwartau and Robert Clark, a cyber law attorney at the Army Cyber Institute, discussed issues around hiring in the information security industry.