Home Depot Inc said on Thursday that the account information of 56 million cardholders was compromised in what is the largest known breach of a retail company’s computer network.
Home Depot said hackers breached the company’s cash register systems in its US and Canadian stores in April.
The hackers used custom malware that was designed to evade traditional security tools and had not been previously used in other cyberattacks, the Atlanta-based company said.
The company added that it had since removed infected registers and closed off the hackers’ mode of entry and that it had been using new encryption systems in its US and Canadian stores for the past nine months.
Home Depot has been scrambling to investigate the breach since it became public on Sept. 8.
It is unclear how the company missed signs of the attack after a breach last year at Target Corp compromised 40 million cardholders’ information, and after the Secret Service and Department of Homeland Security warned retailers in July that their systems were potentially compromised.
The company said its encryption project began in January but was not completed in its US stores until last weekend.
It said encryption in its Canadian stores would not be completed until next year.
Home Depot’s attack went unnoticed for five months.
During that time, hackers found an entry into the company’s network, gained access to its in-store payment systems and installed malware to take payment data off the memory of the company’s registers during processing.
The hackers then sent that data back to their servers abroad.
Home Depot said it would offer free identity protection and credit monitoring services to any customer who had used a credit or debit card at affected stores.
“We apologize to all of our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges,” Home Depot chief executive Frank Blake said in a statement.
The Department of Homeland Security and the Secret Service recently estimated that more than 1,000 US businesses had been infected with malware programmed to siphon payment card details from cash registers.
They believed that many of these businesses did not know they were sharing customers’ credit card information.
Besides Home Depot and Target, companies that have been attacked by hackers include UPS, Goodwill, P.F. Chang’s, Sally Beauty, Michael’s and Neiman Marcus.
NEW MARKET: The partnership opens up India to the Dutch company, which already has a strong hold in the semiconductor market of South Korea, Taiwan and China ASML Holding NV entered into a partnership agreement with Tata Electronics Pvt Ltd aimed at ramping up India’s goal to develop domestic chip-manufacturing capabilities. The Dutch company’s technology would help power Tata Electronics’ planned 300 millimeter (mm) semiconductor foundry in Gujarat, according to a joint statement from the two companies on Saturday. The signing of a memorandum of understanding coincides with a visit by Indian Prime Minister Narendra Modi to the Netherlands, which is looking to deepen bilateral relations with New Delhi. ASML, whose top customers include Taiwan Semiconductor Manufacturing Co (台積電) and Samsung Electronics Co, makes lithography machines that can print
PORTFOLIO REBALANCING: The adjustments in three global equity indices reflect rising investor appetite for semiconductor and artificial intelligence-related stocks Taiwan’s weighting in major global equity indices compiled by MSCI Inc is to rise modestly following the latest quarterly review, underscoring the market’s expanding role in emerging-market portfolios, as global investors continue to favor the nation’s technology sector. Taiwan’s weighting in the MSCI Emerging Markets Index is to increase by 0.30 percentage points to 23.76 percent, after the changes take effect at the close of the May 29 session. Its weighting in the MSCI All-Country Asia ex-Japan Index is to rise 0.37 percentage points to 27.16 percent, while that in the MSCI All Country World Index is to edge up slightly to
The Hsinchu County Government’s Labor Affairs Department yesterday said that it has received a plan from cosmetics brand Taiwan Shiseido Co (台灣資生堂) detailing mass layoffs at its plant in Hukou Township (湖口). While the labor authorities did not disclose the number of employees to be laid off, Japanese news media earlier in the day reported that the closure of the company’s factory in Hukou would result in 170 employees losing their jobs. Shiseido followed the law by reporting its layoff plan, the department said, adding that authorities would closely monitor negotiations between the management and affected employees and step in if any
Hon Hai Precision Industry Co (鴻海精密) on Tuesday confirmed a cyberattack targeting some of its North American facilities, but said the affected factories were gradually returning to normal. The company, known globally as Foxconn Technology Group (富士康科技集團), said that its cybersecurity team “activated the response mechanism and implemented operational measures to ensure the continuity of production and delivery.” “The affected factories are resuming normal production,” the company said in a statement. Hon Hai had previously described it as a “technical issue,” when news of the cyberattack first surfaced. The confirmation followed media reports of a large-scale information technology system incident that broke out at
RSS