Home Depot Possibly Hit with Breach (Sept. 3, 2014)
Home Depot may have become the latest high-profile retailer to fall victim to a customer data breach. In a statement posted on its Website yesterday, the home improvement giant said it was “looking into some unusual activity that might indicate a possible payment data breach.” Home Depot is working with its bank partners and law enforcement to investigate and, if a breach is confirmed, the company will offer free identity protection services and credit monitoring to potentially impacted customers, according to the statement.
The potential breach was first reported by the Website Krebs on Security, which said yesterday that multiple banks had reported seeing evidence that Home Depot stores may have been the source of a large batch of stolen payment card data that were put up for sale yesterday morning on a black market Website. The Krebs report went on to note that several banks said the customer data may have been exposed from as far back as late April or early May 2014.
Meanwhile, the state of Louisiana said that several of its government-funded prepaid programs may have been subject to a data breach. The state’s Department of Revenue was notified by JP Morgan Chase that personal cardholder information held by the bank—which issues prepaid cards for state agencies—may have been exposed. Among the potentially affected prepaid programs are those for state income tax refunds and unemployment benefits. The bank said it does not know if or to what extent the information may have been exposed.
See related stories: