In the wake of Home Depot's breach, reports of fraudulent transactions have surfaced on the heels of two class-action lawsuits, one filed in Canada by a consumer and the other filed in Florida on behalf of financial institutions.
The fraudulent transactions, which are thought to be linked to stolen payment information, include the buying of prepaid cards, electronics, and groceries, sources familiar with the incidents told The Wall Street Journal. They have been tracked to batches of cardholder accounts linked to specific ZIP codes.
One financial institution, the Air Academy Federal Credit Union, has spotted about $20,000 worth of fraudulent purchases since the breach.
In a breach that may have impacted up to 56 million card over a five month period, attackers are thought to have accessed Home Depot's systems, in all of its 2,200 stores, through its point-of-sale (POS) terminals.
As more information surrounding the breach comes out, some customers have filed class-action lawsuits against the home improvement retailer. A man in Ottawa, Steven Lozanski, filed a $500-million class-action suit against Home Depot of Canada and its parent company, The Home Depot, earlier this week. He claims that $8,000 worth of fraudulent charges were made on his card after he shopped at the store, according to the Ottawa Business Journal.
Lozanski's lawsuit alleges the company, “failed to uncover and disclose the extent of the breach and notify its affected customers of the breach in a timely manner.”
A separate lawsuit was filed in Georgia this past week. In it, First Choice Federal Credit Union claims it suffered losses and is seeking to recover damages on behalf of credit unions, banks and other financial institutions that were impacted by the breach, Law360 reported.