Hackers leaks names and email addresses of 10,000 Home Depot employees on data breach forum

The prolific threat actor known as IntelBroker has leaked the personally identifiable information of nearly 10,000 Home Depot employees online.

The hacker said in a post from April 4 that the home improvement giant was breached sometime this month.

“In April 2024, Home Depot suffered a data breach that exposed the corporate information belonging to 10K employees of the company,” IntelBroker said. “Compromised Data: Full names & email addresses”.

Home Depot has confirmed the validity of the data, stating that one of its SaaS partners accidentally exposed the data of a small number of employees.

"A third-party Software-as-a-Service (SaaS) vendor inadvertently made public a small sample of Home Depot associates' names, work email addresses and User IDs during testing of their systems," Home Depot told BleepingComputer.

Other significant data breaches linked to IntelBroker include PandaBuy, the England and Wales Cricket Board and Facebook.

While limited in information, the leaked database, now available for download on the illicit BreachForums, can still be used by malicious individuals to conduct targeted attacks against all exposed individuals.

Home Depot employees are urged to stay alert for incoming messages, as cybercriminals may attempt to exploit exposed data in numerous social engineering tactics.

Any requests for work credentials or other sensitive data, including Social Security Numbers, account passwords, and financial information, should be scrutinized.

Additionally, since the sample data was analyzed and linked to the social media profiles of exposed Home Depot employees, we strongly advise victims to consider setting their profiles to private, or at least updating their privacy settings and paying attention to friend requests and unsolicited direct messages.

When in doubt, Home Depot staff should always report suspicious correspondence.

Combine mindfulness with identity protection to significantly enhance your online security and protect your identity. Bitdefender Digital Identity Protection provides an overview of your online data, including traces from no-longer-used services, notifies you in real-time whenever your data is leaked online, and provides actionable advice so you can immediately patch any security issues linked to your identity and online accounts.