US DIY retailer Home Depot has finally admitted to a server breach that led to around 56 million payment card details being stolen, which is thought to be the largest ever retail security breach in history.
In a public statement, the retailer said an investigation into a possible breach, that happened earlier in the month, began immediately after the retailer received reports from its banking partners and law enforcement that criminals may have breached its systems.
"Since then, the company's IT security team has been working around the clock with leading IT security firms, its banking partners and the Secret Service to rapidly gather facts, resolve the problem and provide information to customers," the statement read.
The firm confirmed that 56 million cards had been compromised following the attack. It also said that malware responsible for the info heist had been present on systems since between April and September this year. However, the firm said it had completed a major payment security project designed to offer payment data encryption at the point of sale in the company's US stores, to bolster the security it offers customers.
The firm had taken malware-infected terminals out of service and put in place other security arrangements to close off the hackers' method of entry. The firm's system are also said to be free of malware.
"We apologise to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges," said Home Depot chairman and chief executive Frank Blake.
"From the time this investigation began, our guiding principle has been to put our customers first, and we will continue to do so."
The breach at Home Depot tops another security breach at US retailer Target, where the details of 40 million customers were stolen by hackers.
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Third time lucky? Microsoft finally begins roll-out of controversial Recall featureNews The Windows Recall feature has been plagued by setbacks and backlash from security professionals
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbersNews Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three yearsNews Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring serviceNews New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customersNews The breach took place last year, but details have only now come to light
-
Indiana notifies 750,000 after COVID-19 tracing data accessedNews The state is following up to ensure no information was transferred to bad actors
-
Pearson fined $1 million for downplaying severity of 2018 breachNews The SEC found the London-based firm made “misleading statements and omissions” about the intrusion
