updated 06:39 pm EDT, Tue September 2, 2014
Intrusion may have been performed by same team behind Target hack
Home Depot is investigating "unusual activity" with its customer data, with the retailer appearing to be the victim of a major credit card breach. The store chain confirmed it was looking into the matter earlier today, after a report claimed acquired customer data was going on sale via a number of illicit websites specializing in credit card details.
According to Krebs on Security, the intrusion echoes a similar intrusion from late 2013 involving Target and other retailers. It is believed that the breach may have affected the majority of the 2,200 Home Depot stores in the United States and the 287 non-US stores, with a number of banks advising the breach could have taken place as early as late April or early May of this year. In comparison to Target's 40 million card credit and debit card details taken over a three-week period, the Home Depot hack could end up impacting many more customers, depending on how long it ran for.
It is possible the attack was even pulled off by the same team behind the Target data heist, with the same shady online store apparently selling the card data. The data has seemingly been split up into three batches, with one named "European Sanctions" and the other two as "American Sanctions," potentially as retribution against sanctions recently placed upon Russia.
In a statement received by TechCrunch, Home Depot is "working with our banking partners and law enforcement to investigate," and that "Protecting our customers' information is something we take extremely seriously." The company refuses to speculate about the intrusion "for security reasons," but states it will provide more details as soon as possible.