Retailer believed to be the source of stolen card data on sale on underground forum

Sep 2, 2014 20:51 GMT  ·  By

A large cache of credit card data available for sale on an underground forum is believed to belong to customers of American retailer Home Depot.

Information from several financial institutions about a possible breach on the systems of Home Depot stores was received by security blogger Brian Krebs, who noticed a sizable amount of stolen credit and debit card details going on sale on underground store rescator[dot]cc.

The store is used by cybercriminals to trade such data and it is the same one used by crooks to move card information stolen from P.F. Chang’s PoS systems.

Krebs believes that the alleged compromise of the Home Depot computer network has been carried out by the same attackers responsible for the incident that affected Target.

Paula Drakes, spokesperson for Home Depot, has confirmed that the company is currently investigating the security breach claims.

“I can confirm we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” Drakes told the reporter.

Although the incident has not been confirmed, the company is ready to take the necessary measures for protecting the customers.

Krebs says that his contacts at the banks reporting the stolen credit card information believe that the hack could go as far back as late April or early May, 2014.

If this is true, this incident could be much larger than the one that affected retailer Target towards the end of last year, which lasted for about three weeks and ended with credit and debit card information of 40 million customers being stolen.