Home Depot Reaches $17.5 Million Settlement Over 2014 Breach

By   ISBuzz Team
Writer , Information Security Buzz | Nov 25, 2020 11:43 am PST

As reported by Reuters, Home Depot Inc, the largest U.S. home improvement retailer, on Tuesday reached a $17.5 million settlement to resolve a multistate probe into a 2014 data breach where hackers accessed payment card data belonging to 40 million customers.

The settlement stemmed from a breach between April 10, 2014, and Sept. 13, 2014, affecting customers who used self-checkout terminals at its U.S. and Canadian stores.

Hackers used a vendor’s user name and password to infiltrate Home Depot’s network, and deployed custom-built malware to access customers’ payment card information. The Atlanta-based retailer previously said at least 52 million people also had their email addresses exposed, partially overlapping those whose payment card data was compromised.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Global Cyber Security Advisor
November 25, 2020 7:46 pm

Punishing huge companies must set a precedent but we don’t want to see any company forced out of business for a mistake which may have been out of their control. Data breaches happen in a variety of ways and many could have been avoided with best practice, simulation attacks and better staff training. However, many are simply unavoidable and bad luck which do not require much more punishment other than the negative publicity they will no doubt attract. Maybe if the fines were reduced if companies were more open to how they were breached, we may see a change in how they are reported and penalised.

Last edited 3 years ago by Jake Moore

Recent Posts

Would love your thoughts, please comment.x