2 min read

Home Depot Investigates Possible Credit Card Breach

Alexandra GHEORGHE

September 03, 2014

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Home Depot Investigates Possible Credit Card Breach

American retailer Home Depot began an internal investigation after a report that customer data and card credentials were stolen from its systems and sold on black markets, according to security researcher Brian Krebs.

“I can confirm we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” Paula Drake, the company`s spokesperson said.

Multiple banks have indicated Home Depot may be the source of two new batches of stolen credit cards that went on sale on the underground marketplace rescator[dot]cc, on September 2nd.

“Home Depot offers clients two payments options, one via PayPal and another through its own system,” Bitdefender Online Threats Researcher Marius Doroftei said. “One technique hackers could have used to grab the data is through a vulnerability in https://secure2.homedepot.com, Home Depot’s own payment interface, however, since the site is SSL-secured, there is a higher probability they found a way to access the company`s storage facilities and steal the banking credentials.”

Amid US and European sanctions against Russia for its actions in Ukraine, the hypothesis of a politically motivated attack has not been excluded either. The retailed batches of stolen cards were labeled “American Sanctions” and “European Sanctions”. It appears the cards were issued by European banks and used in compromised US store locations.

Home Depot is also a preferred target of spammers who are overwhelming clients` Inboxes with fake promotional newsletters and pharmaceutical offers, Bitdefender warns. The latest spam campaign hides fraudulent links under the “amazing new opportunity” of a new window installation, offered to select subscribers looking to improve their homes.

Home Depot Investigates Possible Credit Card Breach

The suspected breach may have occurred in late April or early May and could involve all 2,200 of the company`s stores in the U.S., Krebs said.

“Protecting our customers` information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has occurred, we will make sure customers are notified immediately,” Home Depot added.

This is the latest in a series of recent security incidents, after major financial institutions including JPMorgan Chase and allegedly four others, were hit by cyber-attacks.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Common Credentials Criminals Use in IoT Dictionary Attacks Revealed Common Credentials Criminals Use in IoT Dictionary Attacks Revealed
Silviu STAHIE

November 30, 2021

3 min read
Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown
Filip TRUȚĂ

November 29, 2021

2 min read
Social media firms will be forced to unmask online trolls, says Australia Social media firms will be forced to unmask online trolls, says Australia
Graham CLULEY

November 29, 2021

2 min read