As reported by Reuters, Home Depot Inc, the largest U.S. home improvement retailer, on Tuesday reached a $17.5 million settlement to resolve a multistate probe into a 2014 data breach where hackers accessed payment card data belonging to 40 million customers.
The settlement stemmed from a breach between April 10, 2014, and Sept. 13, 2014, affecting customers who used self-checkout terminals at its U.S. and Canadian stores.
Hackers used a vendor’s user name and password to infiltrate Home Depot’s network, and deployed custom-built malware to access customers’ payment card information. The Atlanta-based retailer previously said at least 52 million people also had their email addresses exposed, partially overlapping those whose payment card data was compromised.