Breach, Threat Management, Data Security

Home Depot settles with state AGs for 2014 point-of-sale hack

Home Depot storefront

Home Depot settled with the attorneys general of 45 states and the District of Columbia over a 2014 point-of-sale systems hack, agreeing to pay $17.5 million, states announced Tuesday.

The Home Depot breach was, at the time, the largest reported breach in history, capturing 56 million credit cards. It came during a string of attacks during which POS systems were hijacked by malware; earlier that year Target had announced a similar landmark breach.

Home Depot had already settled with consumers.

The conditions of the settlement require an information security regimen, including having a chief information security officer, adequate funding and training.

“I am pleased with this settlement as it sets procedures in place that the Home Depot must follow to further protect consumers’ interests and provide them peace of mind as they shop,” said Michigan Attorney General Dana Nessel, whose state will receive $300,000, in a statement.  

Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.