Home Depot Says Breach Affected 56 Million Cards

wiredmikey writes: Home Depot said on Thursday that a data breach affecting its stores across the United States and Canada is estimated to have exposed 56 million customer payment cards between April and September 2014. While previous reports speculated that Home Depot had been hit by a variant of the BlackPOS malware that was used against Target Corp., the malware used in the attack against Home Depot had not been seen previously in other attacks. "Criminals used unique, custom-built malware to evade detection," the company said in a statement. The home improvement retail giant also that it has completed a "major payment security project" that provides enhanced encryption of payment card data at point of sale in its U.S. stores. According to a recent report from Trend Micro (PDF), six new pieces of point-of-sale malware have been identified so far in 2014.

Apple Pay?

[gnasher719]

So what would have happened to someone who didn't use their card, but an iPhone 6 with Apple Pay? I take it they would be completely unaffected?

sad

[Charliemopps]

I'm currently on the phone with my bank dealing with this.
Thanks Home Depot!
After you're done cleaning up this mess, could you clean up the bolt isle so I can actually find what I'm looking for should I ever decide to return to your store?

Official Home Depot statement

[eclectro]

From their website. This is the official Home Depot statement.

Really, this symbolizes the lackadaisical attitude people have when it comes to security - that a breach is not going to happen to them. You'd think after Target major companies like Home Depot would have audited their own security processes.