Home Depot investigates possible payment card breach

Share this article:
SUPERVALU, AB Acquisition announce payment card breaches at grocery chains
Brian Krebs reported on Tuesday that the breach could have impacted all 2,200 Home Depot stores, and may have dated back to late April or early May.

Home Depot is the latest retailer to begin investigating a possible data breach.

“At this point, I can confirm that we're looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” according to a statement emailed to SCMagazine.com on Tuesday by Paula Drake, a Home Depot spokesperson.

Citing his correspondence with several banks, Brian Krebs reported on Tuesday that a large number of payment cards recently made available for purchase on an underground marketplace may be tied to Home Depot stores. While it is unclear, initial analysis indicates the breach could have impacted all 2,200 Home Depot stores in the country, and may have dated back to late April or early May, Krebs wrote.

“Protecting our customers' information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers,” according to the Home Depot statement. “If we confirm that a breach has occurred, we will make sure customers are notified immediately. Right now, for security reasons, it would be inappropriate for us to speculate further.”

Compromising only a single point-of-sale (POS) device can enable an attacker to gain access to a retailer's infrastructure and steal payment card data, Nick Levay, CSO at Bit9, told SCMagazine.com in a Tuesday email correspondence.

“Typically, most organizations rely on traditional anti-virus to protect endpoint devices,” Levay said. “The strategy of blocking only what's known to be bad has hit a brick wall, and the paradigm needs to be flipped. A more effective way of [securing] endpoint devices is to ensure that only known good can run. This is most often called default-deny or whitelisting.”

These types of incidents tend to go on undetected for so long due to a lack of visibility and “eyes on the glass,” Levay said, adding, “You've got to be collecting the right telemetry, and you've got to have analysts tracking change to the environment and monitoring alerts.”

On Tuesday, Home Depot shares fell about 2 percent to $91.15.

UPDATE: Home Depot has been working with Symantec and FishNet Security as part of an ongoing investigation, according to a Wednesday statement emailed to SCMagazine.com by Paula Drake, a Home Depot spokesperson. "It's important to note that in the event we determine there has been a data breach, our customers will not be responsible for any possible fraudulent charges," according to the statement, which goes on to add, "We will also offer free identity protection services, including credit monitoring, to any potentially impacted customers."

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.

PCI publishes guidance on security awareness programs

PCI publishes guidance on security awareness programs

The guidance, developed by a PCI Special Interest Group, will help merchants educate staff on protecting cardholder data.