Krebsonsecurity, who’s usually right on when it comes to credit card security, is reporting that Home Depot may have suffered a massive data breach of customer credit card data. In this report, Daniel Krebs, a trusted reported on matters of credit card security, has begun investigating what looks like a massive breach of customer data.
Krebs reports that multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new data breach. Two gigantic data dumps, cleverly called “American Sanctions 1, 2” surfaced in the underworld of the internet on Tuesday morning. Krebs speculates that the names of American Sanctions, and a European data dump called European Sanctions, could be the handiwork of Russian cyber criminals and could be direct retribution for sanctions on the Ukraine.
Krebs contacted Home Depot and received the following statement from a Home Depot spokesperson: ““I can confirm we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” Drake said, reading from a prepared statement. “Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has a occurred, we will make sure customers are notified immediately. Right now, for security reasons, it would be inappropriate for us to speculate further – but we will provide further information as soon as possible.”
Home Depot has 2000 stores in the United States and another 287 stores outside the US.
Many reports suggest that this could be the same group of cyber criminals responsible for the recent PF Chiangs data breach and the infamous Target data breach of the last holiday season.
Krebs has also heard from several banks that this breach could have gone all the way back to April 2014 which could in effect make it several times larger than the Target data breach.
The Target data breach occurred over the 2013 holiday season and was spotted just before the final holiday push. Target has had an extremely hard time rebounding from that data breach and regaining customer trust. Back in May, six months after the data breach, Target CEO Gregg Steinhafel finally resigned.