Back on September 2nd, Home Depot announced that 56 million debit and credit card numbers had been compromised, due to a hacking breach. Since further investigating the incident they have discover that a further 83 million email addresses have been taken too, fortunately no passwords.
The following outline the additional findings from the investigation:
- Criminals used a third-party vendor’s user name and password to enter the perimeter of Home Depot’s network.
- The stolen credentials alone did not provide direct access to the company’s point-of-sale devices.
- The hackers acquired elevated rights that allowed them to navigate portions of Home Depot’s network and to deploy unique, custom-built malware on its self-checkout systems in the U.S. and Canada.
The bill for Home Depot to recover from all this is standing at about 67 million, it’s been a pretty bad day in the office for some.