Home Depot has confirmed that their high-profile data breach was worse than expected, with 53 million email addresses being stolen in addition to the 56 million credit and debit card numbers taken.
In April, the company confirmed that hackers were able to breach their systems by accessing the password of a vendor. That small access allowed the attackers to get deep into the home improvement store's networks through a Windows exploit and take personal info. Even though Microsoft quickly patched the exploits, the hackers were already in and were running through the company's point-of-sale systems using high-level employee permissions.
While the email leak is actually on the smaller side compared to others of the past five years, Home Depot warned users to expect more phishing attacks, in which attackers will try to secure more sensitive information (such as bank accounts or other logins) via purporting to be real companies in fake emails.
Home Depot did not seem too apologetic, claiming that their network design was not at fault but did concede that the company should have placed data security higher in its "mission statement."
The data collection was ongoing for months, and they hackers were only detected after they decided to sell a giant block of credit card numbers on the underground forum Rescator. The U.S. Secret Service then informed Home Depot. On the same day, Capital One called the company to inform them that the only common thread between a giant batch of fraudulent charges from a group of cards was Home Depot. Home Depot, banks and government agencies all tried to buy the cards at that point to take them off the market, and the traffic actually took the site down. In the next few days, the company was able to acquire some cards and began backtracking, eventually finding the "patient zero" server at a store in Miami.
Source:
WSJ
While the email leak is actually on the smaller side compared to others of the past five years, Home Depot warned users to expect more phishing attacks, in which attackers will try to secure more sensitive information (such as bank accounts or other logins) via purporting to be real companies in fake emails.
Home Depot did not seem too apologetic, claiming that their network design was not at fault but did concede that the company should have placed data security higher in its "mission statement."
The data collection was ongoing for months, and they hackers were only detected after they decided to sell a giant block of credit card numbers on the underground forum Rescator. The U.S. Secret Service then informed Home Depot. On the same day, Capital One called the company to inform them that the only common thread between a giant batch of fraudulent charges from a group of cards was Home Depot. Home Depot, banks and government agencies all tried to buy the cards at that point to take them off the market, and the traffic actually took the site down. In the next few days, the company was able to acquire some cards and began backtracking, eventually finding the "patient zero" server at a store in Miami.
Source:
WSJ
