14 DAY TRIAL // The Home Depot security breach that was unveiled earlier this month has been assessed and it’s even more terrible than originally thought. 56 million unique credit cards were put to risk by hackers.
The company claims that criminals used unique and custom-built malware to evade detection, which is why it took so long to detect the issues. “The malware had not been seen previously in other attacks,” the company explained.
Home Depot estimates that the malware was present in its systems between April and September 2014, during which time it compromised a huge number of customers. Since then, the malware has been eliminated from the system and any terminals that were identified with malware were taken out of service.
The company has also taken some steps to secure its systems by adding enhanced encryption. The payment security protection takes raw payment card information and scrambles it to make it unreadable and useless to hackers.
The encryption project has actually been launched back in January 2014, but the rollout was only completed in the US stores on Saturday, September 13, 2014. Canadian stores will get the same treatment by early 2014.
The breach was discovered in early September
The company was made aware of the possible breach on September 2, after banking partners and law enforcement told them that criminals may have breached the systems. After the investigation was completed, Home Depot said that there was no evidence that debit PIN numbers were compromised or that the breach had impacted stores in Mexico or customers shopping online.
Home Depot is now offering free identity protection services, including credit monitoring, to any customer who believes may have been affected by the data breach.
“We apologize to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges. From the time this investigation began, our guiding principle has been to put our customers first, and we will continue to do so,” said Frank Blake, chairman and CEO of Home Depot.
Home Depot revealed the cyber-attack early last week after a cache of credit and debit card data emerged on an underground forum. The original statement said that any customer hat has used their payment card at US or Canadian stores from April forward could be impacted.
Concerns about this breach were that much higher considering the fact that retail giant Target was hacked last year and hackers obtained credit card data of 40 million customers and the personal information for an additional 70 million customers.