RPT-UPDATE 2-Home Depot confirms security breach following Target data theft

Mon Sep 8, 2014 8:51pm EDT
Email This Article |
Share This Article
  • Facebook
  • LinkedIn
  • Twitter
| Print This Article | Single Page
[-] Text [+]

(Repeats with no changes to additional subscribers) (Adds breach details, attorney comments, share price)

By Nandita Bose

CHICAGO, Sept 8 (Reuters) - Home Depot Inc confirmed on Monday its payment security systems have been breached, a data theft analysts warn could rival Target Corp's massive breach last year.

Home Depot said the data theft could impact its customers in stores across the United States and Canada, but there was no evidence that online customers were affected or debit personal identification numbers (PINs) were compromised.

"We owe it to our customers to alert them that we now have enough evidence to confirm that a breach has indeed occurred," Chairman and Chief Executive Officer Frank Blake said in a statement. "It is important to emphasize that no customers will be responsible for fraudulent charges to their accounts."

The breach was first reported by security website KrebsOnSecurity almost a week ago. It said the problem could extend back to April and affect all of Home Depot's 2,200 stores in the United States.

No details were immediately available on how many customers were impacted. But Brian Krebs, who runs the security website, said last week the breach could be larger than Target's last year when hackers stole at least 40 million payment card numbers and 70 million other pieces of customer data.

Krebs reported on Monday that Home Depot's systems were hit by a variant of the same malware that compromised Target's systems last year.

Target has spent $146 million to resolve data breach-related issues since the fourth quarter of 2013. Most of these expenses were for settling actual and potential breach-related claims, mainly by payment card networks.   Continued...