Skip to Main Content
September 02, 2014

Home Depot - Possible Large Scale Breach

Written by David Kennedy
Brian Krebs is reporting that multiple banks are indicating that Home Depot was involved in a significant data breach of credit card information. It may date back as early as May (that we know of so far). Unlike Target which detected the card breach quickly, this would indicate that attackers had access to cardholder data for a long period of time. Much longer than Target. This means that the breach itself could far surpass the initial 40 million that was stolen from Target initially. From the Krebs on Security article below: Contacted by this reporter about information shared from several financial institutions, Home Depot spokesperson Paula Drake confirmed that the company is investigating. “I can confirm we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” Drake said, reading from a prepared statement. “Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has a occurred, we will make sure customers are notified immediately. Right now, for security reasons, it would be inappropriate for us to speculate further – but we will provide further information as soon as possible.” Credit above to Krebs on Security, full link here: It appears that Home Depot is tracking suspicious behavior and is attempting to respond to the issue now. Right now is a critical time for Home Depot in the fact that they have to determine where the attackers gained initial access, enact appropriate incident response procedures and notify its customers in a responsible way. Timing right now is critical. Steps you should take: 1. The banks are already aware of the breach however if you shopped at Home Depot this year - monitor your credit closely and make sure no fraudulent charges are on your account. 2. We recommend requesting a new card be sent from your bank. This may seem like a knee jerk reaction to a situation that we have little understanding of, however we recommended this in the early stages of the Target breach and it saved a lot of folks heartache of missing funds and peace of mind. 3. Follow the news and be aware of what's happening in the developing stories. UPDATE (September 3, 2014):  Krebs on Security is suggesting that the breach is likely to affect most stores across the United States (