Another major US retailer may have suffered a massive data breach of credit card information. This time, it's Home Depot.
According to reports, the breach may have begun as early as Spring 2014. Banks initially reported that a large batch of credit card information went on sale Tuesday morning on a black market site. Krebs on Security reported that the potential Home Depot breach had similar traits to the groups that carried out attacks on Target and P.F. Chang’s, previously. If, in fact, this breach goes back to Spring 2014, the fallout could be even greater than those cases.
Home Depot confirmed that it is looking into “some unusual activity” and is “working with [Home Depot’s] banking partners and law enforcement to investigate.” Home Depot went on to state that “[p]rotecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has a occurred, we will make sure customers are notified immediately.”
In this environment, every company must consider its risk of a data breach – whether you deal with credit cards, gift cards, or simply customer sign-up lists. McDonald Hopkins LLC’s Data Privacy and Cybersecurity group can assist with policy creation, audits, training, and responses to breaches, among other services.