AfterDawn: Tech news

Home Depot data breach also led to 53 million email addresses being stolen

Written by Andre Yoskowitz (Google+) @ 07 Nov 2014 11:32

Home Depot data breach also led to 53 million email addresses being stolen Home Depot has confirmed that their high-profile data breach was worse than expected, with 53 million email addresses being stolen in addition to the 56 million credit and debit card numbers taken.
In April, the company confirmed that hackers were able to breach their systems by accessing the password of a vendor. That small access allowed the attackers to get deep into the home improvement store's networks through a Windows exploit and take personal info. Even though Microsoft quickly patched the exploits, the hackers were already in and were running through the company's point-of-sale systems using high-level employee permissions.

While the email leak is actually on the smaller side compared to others of the past five years, Home Depot warned users to expect more phishing attacks, in which attackers will try to secure more sensitive information (such as bank accounts or other logins) via purporting to be real companies in fake emails.

Home Depot did not seem too apologetic, claiming that their network design was not at fault but did concede that the company should have placed data security higher in its "mission statement."

The data collection was ongoing for months, and they hackers were only detected after they decided to sell a giant block of credit card numbers on the underground forum Rescator. The U.S. Secret Service then informed Home Depot. On the same day, Capital One called the company to inform them that the only common thread between a giant batch of fraudulent charges from a group of cards was Home Depot. Home Depot, banks and government agencies all tried to buy the cards at that point to take them off the market, and the traffic actually took the site down. In the next few days, the company was able to acquire some cards and began backtracking, eventually finding the "patient zero" server at a store in Miami.


Source:
WSJ

Previous Next  
Comments have been disabled for this article.

Latest news

Intel announces: First commercial 5G modem in development Intel announces: First commercial 5G modem in development (20 Nov 2017 16:46)
The world's second largest semiconductor manufacturer, Intel, has announced a major project in mobile chips. The company has introduced a future portfolio for commercial 5G modems. According ....
1 user comment
CCleaner becomes adware, here's how to avoid Avast ads CCleaner becomes adware, here's how to avoid Avast ads (20 Nov 2017 13:00)
One of the more popular Windows cleanup tools, CCleaner, has added Avast ads on to their software. After being acquired by Avast, CCleaner wants you to install the virus protection suite along ....
3 user comments
Tesla's power pack charges your phone like a Supercharger Tesla's power pack charges your phone like a Supercharger (18 Nov 2017 13:25)
Tesla announced yesterday two incredible products that are due in two or three years. However, you might not have the money, nor the interest, to buy either Tesla Semi or Roadster, but there ....
Apple's newest product misses the entire holiday season, hits the stores in early 2018 Apple's newest product misses the entire holiday season, hits the stores in early 2018 (18 Nov 2017 12:20)
Apple has decided to push back one of the products originally revealed nearly 6 months ago in WWDC. The smart speaker, dubbed HomePod, has been delayed further and won't be seen in stores this ....
1 user comment
Tesla unveils two new vehicles, electric semi and super-fast new Roadster Tesla unveils two new vehicles, electric semi and super-fast new Roadster (17 Nov 2017 10:53)
Tesla has today announced two new vehicle prototypes that will bring the total number of Tesla cars, and now trucks, to six. As expected Tesla unveiled their "beastly" semi-truck the first time ....
1 user comment

News archive