December 22, 2024 08:29 AM

Massive Home Depot Hack: Over 40 Million Credit Cards Hacked Linked To Russian Hackers? Adds Security Pressure, Home Depot Investigates

Massive Home Depot hack came as a shock, similar to previous "massive" hacks of retail giants before it. According to intial reports, the massive Home Depot hack may involve as many as 40 million credit cards stolen through the possible use point-of-sale (PoS) malware deployed across most of Home Depot's 2,200 stores in the U.S.

According to Daily Tech, the massive hacking conspiracy involving retail giant Home Depot Inc. (HD) has been linked to a "massive" loss of customer data to hackers who may beoperating out of Russia and Eastern Europe.

The Associated Press reports that the massive Home Depot hack may be the latest retailer hack involving a major credit card data breach.

The enormous number of credit and debit card information went on sale on a criminal Internet site on Tuesday, reports USA Today. The information is suspected to be from Home Depot stores and hackers responsible are speculated to be linked to the breaches at Target and P.F. Chang's as well, according to security experts.

The possible massive Home Depot hack was reported initially by journalist Brian Krebs of "Krebs on Security", a website focusing on cybersecurity.

According to Krebs blog, Krebsonsecurity.com, the credit card information of over 40 million people was offered up for sale on Tuesday through cybercrime hub rescator[dot]cc, an underground site which traffics stolen financial information.

The cards were reportedly posted under the headings "U.S. Sanctions" and "European Sanctions", suggesting the cybercriminals efforts' are a "retaliation against the U.S. and European governments for their sanctions against Russia over its involvement in eastern Ukraine", said Daily Tech.

According to Krebs, the party responsible for the massive Home Depot hack may also be the same group of Russian and Ukrainian hackers behind last year's Target breach. The AP reports that Krebs was also responsible for breaking the news of the Target breach.

Though it still isn't clear how many stores were involved in the massive Home Depot hack, preliminary analysis revealed over 2,200 Home Depot stores in the U.S. affected. According to several banks contacted, the breach may have begun late April or early May.

According to Paula Drake, a Home Depot spokeswoman, as told to the AP, she could only "confirm that we're looking into some unusual activity, and we are working with our banking partners and law enforcement to investigate."

The label "American Sanctions" and "European Sanctions" had Krebs interpreting the massive Home Depot hack as "intended retribution" for the U.S. and Europe's involvement in Russia's fight with Ukraine.

Meanwhile, Drake said the retail giant takes protecting its customers' information extremely seriously.

She said, "We are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has occurred, we will make sure customers are notified immediately."

Significant losses may be suffered by companies who have been victims to credit card security breaches.

According to the AP, Home Depot Inc.'s shares fell to $1.88, or 2 per cent, to close at $91.15 after the massive Home Depot hack.

In recent months, hackers have been breaking security walls for many retailers including Target, grocery store chain Supervalu, P.F. Chang's and the thrift store operations of Goodwill, reports the AP.

In the meantime, following its own massive credit card data breach the last holiday season, the USA Today reports that Target is still recovering. Target's dilemma involved the hacking of information and card data of up to 130 million of its customers.

According to the Department of Homeland Security, more than 1,000 U.S. businesses may have been infected by the recently discovered point-of-sale malicious software called "Backoff," which could be responsible for the string of massive hacks.

First detected in October 2013, the malware was not recognized by antivirus software programs until last month, said Homeland Security.

The massive Home Depot hack may or may not have involved "Backoff," however these kinds of data problems are reportedly pervasive, according to Avivah Litan, a computer security analyst with Gartner Research in Stamford, Conn.

She said that the real trouble lies in the credit card companies and banks which aren't utilizing stronger security.

The massive Home Depot hack, as well as other string of breaches has rattled shoppers' confidence in their personal data's security. They are reportedly pushing retailers, banks and card companies to increase security by adopting microchips into U.S. credit and debit cards.

According to experts, this will be the next step in credit card security - computer chips which requires using a PIN, as is custom in Europe.

Massive Home Depot hack, similar to others before it, should have companies thinking more about upgrading their cards to "chip and PIN" ones to reinforce the need for "stepped-up security in payments, especially in the US", said Seth Ruden, a fraud consultant at banking payment company ACI Worldwide in Naples, Fla.

Join the Discussion
Real Time Analytics