Along with stealing 56 million credit cards from Home Depot, hackers also got their hands on more than 53 million email addresses, the world’s largest home-improvement chain said Thursday.
Home Depot said it discovered the email thefts after a joint investigation with law enforcement and independent security analysts delved into what may be the world’s largest credit card breach.
Hackers entered Home Depot’s network using credentials stolen from a third-party vendor, the company said in a press release. That access allowed hackers to work their way through Home Depot’s network to its self-checkout machines in the US and Canada, where they inserted malicious software to steal customers’ card numbers. Home Depot had confirmed that data breach in September.
A third-party vendor was also the point of entry in last year’s breach at Target, which exposed some 40 million cards.
While no “passwords, payment card information or other sensitive personal information” was held in the files holding customer email addresses, Home Depot warned customers to be on guard against phishing scams — phony emails that try to trick people into revealing personal information.
The malicious software, active on Home Depot’s network between April and September of this year, has been removed, the company said. It has also improved the encryption — which scrambles information to make it unreadable to hackers — in its credit card payment systems.
Read the Full Article: Source – c|net
http://www.cnet.com/news/53-million-emails-stolen-in-home-depot-breach/
Leave a Reply
You must be logged in to post a comment.