Published September 02, 2014
Home Depot (HD) is investigating a possible security breach that reportedly may have exposed credit cards used by shoppers, the company confirmed on Tuesday.
Multiple banks came across evidence that suggests Home Depot may be the point of origin for a new batch of stolen payment card information, according to Krebs on Security. The cards were posted for sale on the black market on Tuesday morning.
Home Depot said it’s working with banking partners and law enforcement to look into unusual activity.
“Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has occurred, we will make sure customers are notified immediately,” Home Depot spokeswoman Paula Drake said in a statement.
Citing security reasons, Drake added that it would be inappropriate for Home Depot to speculate further. The company will provide more information as soon as possible, she said.
Home Depot shares dropped 2.6% to $90.62 in recent trading.
Several retailers have been the subject of data breaches dating back to last year. Target (TGT) was the subject of a massive breach that exposed 40 million credit and debit cards at the start of the holiday shopping season. The cyber thieves gained access to the payment information through Target’s point-of-sale systems.
Krebs on Security reported that based on preliminary analysis, the cyber-attack against Home Depot may have affected all of the company’s stores in the U.S. Home Depot had 1,977 domestic locations at the end of the latest period. The Atlanta-based retailer also has 287 stores in Canada and Mexico.
The report also said there are signs that the perpetrators may be the same group of Russian and Ukrainian hackers who were connected to other recent cyber-attacks, such as the one at Target.
Last month, Home Depot named Craig Menear, president of its U.S. retail unit, as its next chief executive. He will replace Frank Blake, who has served as CEO since 2007, on Nov. 1.