Banks are seeing evidence that the US home improvements retail chain Home Depot may be the point of origin for a new batch of stolen debit and credit card information being sold on the black market, according to cybercrime specialist Brian Krebs.
Preliminary analysis showed that the cyberattack may have affected all of the company’s US stores, which currently total 1,977. According to several banks, the breach may have begun in April or May 2014. If that all of that is true, this breach may be larger than the infamous Target breach at the end of 2013.
Home Depot confirmed that it was working with banking partners and law enforcement to investigate unusual activity.
“Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers,” said Home Depot spokeswoman Paula Drake. “If we confirm that a breach has occurred, we will make sure customers are notified immediately.”
Citing security reasons, Drake added that it would be inappropriate for Home Depot to speculate further and that the company would provide more information as soon as possible.
The report also said there are signs that the perpetrators may be the same group of Russian and Ukrainian hackers who were connected to other recent cyber attacks, such as the Target breach.
Last month, Home Depot named Craig Menear, president of its US retail unit, as its next chief executive (CEO). He succeeds Frank Blake, who has served as CEO since 2007, on 1 November.
“Home Depot is the latest in a long list of data breach victims,” said Jason Hart, vice president (VP) cloud solutions at SafeNet. “The prevailing perception around data breaches is that they cause long term damage to an organisation’s bottom line. This isn’t necessarily case.
“If you look at the top breaches of the last few years in the pre-Target era, they had limited to no long-term effect on the companies’ bottom lines or stock price. You’ll see a short term blip, and then customers come back. The Target data breach had a significant financial impact on the company, but it’s still too early to estimate how it will impact customer loyalty.
“We don’t know, at this point, what is happening at Home Depot, but this breach and the many data breaches we have seen before are simply a symptom of an outdated approach to securing customer data. Companies need to adopt a secure breach approach that focuses on securing the data once intruders penetrate the perimeter defences. This means they need to attach security directly to the data itself using multi-factor authentication and data encryption, as well as securely managing encryption keys. That way, if the data is stolen it is useless to the thieves.”
Rising interest rates, excitement around blockchain use cases and cross-border payments were all hot topics at this year's AFP conference in San Deigo.
On-Demand Treasury Management Solutions continue to gain increased adoption in the US and EMEA regions.
The US dollar and debt yields falling on the North Korea missile test, treasury being a top target for cyber criminals and why treasurers aren't into real-time payments all hit the latest headlines in the world of treasury this week. Don't miss our ten top news stories from around the world.
Treasurers are being expected to do more work with fewer resources than ever before, so it is little wonder that the automation of day-to-day operations was highly discussed on the second day of EuroFinance, the annual treasury event held in Barcelona this week.