Home Depot in contact with Secret Service over alleged breach: source

Home improvement retailer Home Depot Inc (NYSE:HD) has been in contact with the U.S. Secret Service about an alleged major breach of customer and credit card data that came to light this week, a law enforcement source told Reuters on Thursday.

Any investigation by the Secret Service appears to be at a very early stage, the source said.

The Secret Service, which declined comment, usually is the lead agency in federal criminal investigations into complex breaches of credit card and other consumer data.

Another law enforcement source said the FBI, which also sometimes participates in such investigations, does not appear to be involved. It is unclear whether the U.S. Department of Justice is playing any role.

Customer data could have been stolen from nearly all of Home Depot's 2,200 stores in the United States, according to information released on Wednesday by security blog KrebsonSecurity.

Home Depot has not confirmed that a breach occurred and it remains unclear whether or how many customers were impacted.

If confirmed, the Home Depot incident could be among the most widespread in the string of security breaches at U.S. retailers in the recent past.

Spokeswoman Paula Drake on Wednesday said the retailer is working with IT security firms, including Symantec Corp <SYMC.O> and FishNet Security, to investigate whether there has been a data breach.

A Symantec spokeswoman confirmed that Symantec was assisting with the investigation but did not elaborate.

Home Depot sought to comfort its consumers, promising free identity-protection services, including credit monitoring, to any potentially impacted customers and reassuring that the retailer or the banks that issued the cards will be responsible for any fraudulent charges.

Home Depot shares were up 1.6 percent at $90.39 on Thursday morning on the New York Stock Exchange.

Concerns about a potential Home Depot data theft follow a major breach at retailer Target Corp <TGT.N>, where hackers late last year stole at least 40 million payment card numbers and 70 million other pieces of customer data.