The largest American retailer of home improvement and construction products and services, Home Depot Inc, has confirmed that its payment systems at more than 2,000 stores in the U.S. and Canada have been breached by hackers and could affect customers who used credit and debit cards to purchase items. The number of credit cards exposed by the hack attack remains uncertain, and might turn out to be the biggest breach in history.
The on-going investigation is focused on purchases that were made since April 2014. There is no evidence that the debit-card PINs have been compromised or the breach having extended to its stores in Mexico, the company said in a statement yesterday.
“We apologize for the frustration and anxiety this causes our customers, and I want to thank them for their patience and support as we work through this issue,” chairman and CEO Frank Blake said in a statement. “We owe it to our customers to alert them that we now have enough evidence to confirm that a breach has indeed occurred.”
Home Depot is the latest in the string of massive hack attacks affecting U.S. retailers such as Target Corp., Supervalu Inc. and Neiman Marcus Group Ltd. In December 2013, Target confirmed a massive data breach – the second largest in history, with a theft of more than 40 million debit and credit card numbers and a potential exposure of personal information of more than 70 million customers.
John Kindervag, Forrester research analysts said the Home Depot hack attack could affect similar numbers or could be more. "From what I'm hearing, people think this will be as big as Target or bigger," he said in a telephone interview with The Associated Press.
As the list of large-scale cyber attacks increases, the U.S. retail industry is under extreme pressure to enhance the security of its computer systems and MasterCard’s.
“I don’t know why the retailers aren’t waking up and doing something about it” said, Tomer Weingarten, chief executive officer of online security firm SentinelOne in Mountain View, California. “It seems like Target should have been a very big wake-up call.”
According to an unnamed source familiar with the matter, the U.S. Secret Service is additionally investigating the likelihood that the hackers who breached Target are behind the Home Depot attack.
Last week, Home Depot had just learned of a possible breach after American journalist and investigative reporter Brian Krebs, reported on Sept. 2 that hackers may have stolen customer data and made fake credit- and platinum cards. Home Depot said it is giving free identity-theft insurance and credit monitoring services to any individual who shopped at Home Depot and utilized a card for payment since April.
“We apologize for the frustration and anxiety this causes our customers,” Home Depot said.
Home Depot had been doing great with the recovering of housing sector helping lift sales. The stock rose to an all-time high on Aug. 29, the last exchanging day before the retailer recognized a breach may have happened.
Currently Home Depot is attempting to restore faith of its customers and has joined a number of retailers to improve its security it. Home Depot will soon introduce a new chip-and-pin technology to all U.S. stores by the end of 2014.