Elizabeth Weise, USATODAY.
Home Depot on Monday confirmed a breach of its payment data systems in the United States and Canada.
The attack goes back as far as April, the world’s largest home improvement retailer said in a statement
The theft appears to have been limited to credit cards.
“There is no evidence that debit PIN numbers were compromised,” the company said.
USATODAY
Home Depot’s credit cards may have been hacked
The breach was originally reported on Sept. 3, but at the time Home Depot could only confirm that it was “looking into some unusual activity,” spokeswoman Paula Drake said.
The stolen credit card data appears to have been taken when the magnetic strips on the back of credit cards were swiped at cash registers at the company.
In a filing with the Securities and Exchange Commission Monday, Home Depot indicated the information was stolen by malicious software (malware) that had infected its computer network.
Credit card security breaches can cause companies significant losses. Target is still recovering from a massive data breach it suffered last holiday season in which 40 million card accounts and the personal information of up to an additional 70 million people were compromised.
“We apologize for the frustration and anxiety this causes our customers, and I want to thank them for their patience and support as we work through this issue,” said Frank Blake, chairman and CEO.
In the SEC filing, the company said that in response to the threat of cyber-attacks, it will roll out “Chip and PIN” cards to all U.S. stores by the end of this year. These cards contain an embedded microprocessor chip that stores and protect cardholder data.
The financial payments industry has established October 2015 as the deadline for companies to switch to the more secure cards.
