Home Depot is investigating a possible payment data breach. The company told The Associated Press that it is working with banks and law enforcement to investigate “unusual activity” that would point to a hack.
“Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers,” said Paula Drake, a spokeswoman at Home Depot. She said the retailer would notify customers immediately if it confirms a breach.
Home Depot posted a message about the possible hack in a note to customers saying, “We’re looking into some unusual activity that might indicate a possible payment data breach and we’re working with our banking partners and law enforcement to investigate.” Customers were assured that if a breach is confirmed they will not be responsible for “any possible fraudulent charges.” The company added, “The financial institution that issued your card or Home Depot are responsible for those charges.” The company will offer free identity protection services to impacted customers and recommends customers monitor financial accounts for unusual activity.
According to information first reported by Krebs on Security on Tuesday, the breach may have extended as far back as the spring of this year. If that’s the case, the Home Depot hack could end up being larger than Target’s breach last year.
Krebs reported that it’s not clear how many stores were affected but preliminary analysis indicates the breach may have affected all 2,200 Home Depot stores in the U.S. Several banks that were contacted said they believe the breach may have started in late April or early May.
“If that is accurate — and if even a majority of Home Depot stores were compromised — this breach could be many times larger than Target, which had 40 million credit and debit cards stolen over a three-week period,” said the Krebs post.
Krebs said that the party responsible for the breach may be the same group of Russian and Ukrainian hackers suspected in the Target breach late last year. Krebs also broke the news of Target’s breach.
“We’re working hard to get you the information you need as quickly as possible and will continue to provide updates as we learn more,” Home Depot said.
Home Depot investigates possible data breach
After last year’s breach of Target’s credit card data, an even bigger leak could have hit Home Depot. The company is investigating whether customers’ credit card data was exposed and how many stores may be affected.
Home Depot Data Breach
Home Depot is investigating a potentially “massive” data breach that analysts say could be much larger than Target’s 40 million leaked card numbers.