It appears that Home Depot may be the large retail victim of a cyberthief gang and its breach—which apparently began as long ago as late April—”could be many times larger than Target, which had 40 million credit and debit cards stolen over a 3-week period,” reported Krebs On Security. “Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale (Thursday) morning (Sept. 2) in the cybercrime underground. Home Depot says that it is working with banks and law enforcement agencies to investigate reports of suspicious activity.”
Krebs reported there are indications that the attackers may be the same group of Russian and Ukrainian cyberthieves accused of “data breaches at Target, Sally Beauty and P.F. Chang’s, among others.” Various banks involved found their customers’ card being sold in “the same underground store – rescator[dot]cc — which on Sept. 2 moved two massive new batches of stolen cards onto the market.”
Home Depot issued a statement that did not confirm a breach, but “confirm (that) we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate. Protecting our customers’ information is something we take extremely seriously and we are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has occurred, we will make sure customers are notified immediately. Right now, for security reasons, it would be inappropriate for us to speculate further – but we will provide further information as soon as possible.”
Although cyberthieves are typically motivated by money and little else, there are hints that this case might have a political element. “In what can only be interpreted as intended retribution for U.S. and European sanctions against Russia for its aggressive actions in Ukraine, this crime shop has named its newest batch of cards ‘American Sanctions.’ Stolen cards issued by European banks that were used in compromised U.S. store locations are being sold under a new batch of cards labeled ‘European Sanctions.'”
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More