CHINA TOPIX

03/28/2024 08:37:04 am

Make CT Your Homepage

Home Depot Confirms Data Breach, Customers' Credit Card Info Stolen

Electronic payment station is shown at a Home Depot store in Daly City, California

(Photo : REUTERS/BECK DIEFENBACH/FILES) Electronic payment station is shown at a Home Depot store in Daly City, California

Home Depot stores nationwide announced on Monday that hackers may have infiltrated their payment system and reportedly stole customers' information.

The construction-equipment retail giant said that the hackers may have stolen the credit and debit card information of their customers.

Like Us on Facebook

In a statement released by Home Depot, it said customers who used their cards at their U.S. and Canada stores starting April may be affected by the data breach.

In addition, the statement said that customers in Mexico stores and online shoppers were not affected by the incident.

Meanwhile, the malware used in the hacking is called "BlackPOS," which captures a customers' card information as it is swiped at the register.

According to cyber security reporter Brian Krebs, "BlackPOS" has the ability to disguise itself as a part of an anti-virus software on computers.

The data breach appears to be caused by the same malware used in the Target hacking in 2013, which leads Krebs to presume that the hackers who attacked Target may be the same as those targeting Home Depot.

Last week, Home Depot announced that it was investigating "unusual activity" on its stores. No information released by the company indicated that a possible system security breach may have been committed by hackers.

Home Depot said that in the event that customers incur losses because of the stolen information, the store will be financially liable.

Also, the retail giant promised its affected customers a year's worth of free identity theft protection. In the meantime, these customers are urged to be vigilant about their card's transactions.

Meanwhile, the hackers responsible for the Home Depot attack has already posted two batches of the stolen credit and debit card information online, putting it up for sale last week, according to Krebs.

In the past few days, another nine batches of information were also  posted for sale online. These were filed under the name "American Sanctions".

Real Time Analytics