Slashdot Mirror

← Back to Stories (view on slashdot.org)

Home Depot Confirms Breach of Its Payment Systems

Posted by Soulskill on from the hackers-can-do-it.-we-can-help. dept.

itwbennett writes: Home Depot confirmed Monday that its payment systems had been breached, potentially affecting any customers who shopped at its stores in the U.S. and Canada since April. There's no evidence yet that debit card PINs had been compromised, the company said, though it is still figuring out the scope and scale of the attacks. Home Depot is offering a free year of identity protection services for anyone who used a payment card in one of their stores since the beginning of April.

3 of 111 comments (clear)

  1. Re:PCs are the problem by Vellmont · · Score: 5, Interesting

    That and credit card companies are too fucking cheap to switch to chip and pin. The only reason the rest of world switched was because the companies were forced to. Not in the good old USA.
    Well, you're going to start getting your (and my) wish starting around October 2015. That's the date the liability shifts. Then the liability shifts to the party implementing the least technology. So if the card issuer issues a chip and pin card, and the retailer has only swipe, the retailer is responsible for any fraud from customers with chip and pin cards. If the retailer has a chip and pin machine, but the card issuer has only swipe, then the card issuer is liable.

    So essentially you're going to start seeing big retailers upgrade to chip and pin machines sometime around Oct 2015. I'm sure it'll be a slow process, with small retailers taking many years to finally upgrade. But it'll happen.

    --
    AccountKiller
  2. Re:CC system is flawed by Anubis+IV · · Score: 3, Interesting

    Why aren't CCs issuing one time tokens per a transaction - this rendering subsequent transactions useless? (Or tying the token to a retailer for subscriptions / etc)

    Hopefully someone brings out a system like that soon.

  3. Re:Who cares? by stoploss · · Score: 3, Interesting

    We get worked up because, inevitably, one day soon (and without warning) our credit cards will stop working, our automated recurring card charges that are on file with our utility companies will bounce, and we will get a letter from our CC company saying:
    "A data breach at an undisclosed partner has occurred and we are therefore issuing you a new card, which will arrive in several more days under separate cover, for no reason other than to increase the inconvenience for you. In the meantime, enjoy the fact that we only sent this letter after we disabled your card so you are only finding out about our unilateral action officially now, several days after your card stopped working. Be grateful we are working to 'protect' you, maggot, even though you have zero fucking liability for fraud anyway."

    It's a goddamn pain in the ass to deal with this, and we are not compensated for the hassle or the bounced payment charges that happen through no fault of our own.