View Page As PDF
Share Button
Tweet Button

Home Depot Inc. confirmed on Monday that its payment systems were breached at approximately 2,200 U.S. and Canadian stores.

Home Depot learned of the breach not through its own internal audits and investigations, but through external sources, such as reports from banks and law enforcement. Most astonishing is that the breach reportedly stretches back to April, the company’s busiest selling season, which is far longer than Target’s infamous holiday-season breach that resulted in the loss of 40 million payment card numbers and 70 million other pieces of customer data. Based upon such a lengthy period of time, experts have warned that this could be the largest data breach yet.

Attorneys general from California, Connecticut, Illinois, Massachusetts, and New York have already begun their investigation into the cause of the breach and how Home Depot handles and will continue to handle the impact of the breach on the victims.


Home Depot has insisted that their customers will not be responsible for fraudulent charges and has promised to offer free identity protection, including credit monitoring. It should be noted that this remedy is how Target’s breach went from bad to worse. Specifically, when Target offered free credit monitoring, hackers were able to replicate the email sent by Target to its customers and lure subscribers into providing their personally identifiable information, again. Though it is important to act swiftly in breach situations, companies, like Home Depot, should learn from Target and ensure their remedial measures are fully considered prior to implementation. Data breach coaches, like those at McDonald Hopkins, deal with these issues on a daily basis and must be consulted while an entity traverses the uncertain and precarious data breach landscape.