Home Depot reports 56 million card details likely stolen in breach 

Home Depot Inc (HD.N) Thursday said some 56 million payment cards were likely compromised in a cyberattack at its stores, suggesting the hacking attack at the home improvement chain was larger than last year’s unprecedented breach at Target Corp (TGT.N).

Home Depot, told that so far it has estimated costs of $62 million. But it indicated that costs could reach much higher. It will take months to determine the full scope of the fraud, which affected Home Depot stores in both the United States and Canada and ran from April to September.

Retailer Target incurred costs of $148 million in its second fiscal quarter related to its breach. Target hackers stole at least 40 million payment card numbers and 70 million other pieces of customer data.

“We apologize to our customers for the inconvenience and anxiety this has caused and want to reassure them that they will not be liable for fraudulent charges,” Chief Executive Frank Blake said in a statement.

But the company said it has not yet estimated the impact of “probable losses” related to the possible need to reimburse banks for fraud and card replacement, as well as covering costs of lawsuits and government investigations.

Hitesh Sheth, chief executive of Vectra Networks, a cybersecurity firm in San Jose, California, said Home Depot’s breach exposes a weakness, noting that the company said hackers used unique, custom-built malware.

That “essentially means the technology they are using is only designed to detect malware that has already been used in a previous attack, and that is symptomatic of the retail industry,” Sheth said.

“Retailers need to upgrade to technology that is available and detects behavior of malware that is new because these attacks are not going to stop anytime soon.”

 

Source: Reuters- Home Depot reports 56 million card details likely stolen in breach

---