BreachExchange mailing list archives

Home Depot customer database hacked?


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 3 Sep 2014 13:00:42 -0600

http://www.consumeraffairs.com/news/home-depot-customer-database-hacked-090214.html

Home Depot may be the latest addition to the list of companies that
suffered a security breach after hackers broke into their
customer-information database.

Security blogger Brian Krebs reported the news on Tuesday morning. A Home
Depot spokesperson, reading from a prepared statement, told him:

“I can confirm we are looking into some unusual activity and we are working
with our banking partners and law enforcement to investigate. Protecting
our customers’ information is something we take extremely seriously and we
are aggressively gathering facts at this point while working to protect
customers. If we confirm that a breach has occurred, we will make sure
customers are notified immediately. Right now, for security reasons it
would be inappropriate for us to speculate further but we will provide
further information as soon as possible.”

Krebs' sources say that on Sept. 2, multiple banks noticed a new pile of
stolen debit and credit card accounts offered for sale in the cybercrime
underground that morning, account information apparently stolen from Home
Depot's database.

Though no detailed information is currently available to explain just how
this was discovered, presumably it's because the various banks noticed that
all of the stolen credit- or debit-card numbers from the most recent batch
had one thing in common: they'd all been used to buy something from Home
Depot.

Connected to others

Based on the currently available evidence, the Home Depot hackers appear to
be Russian or Ukrainian, and connected with other recent hackings at P.F.
Chang's, Sally Beauty Supply, and Target:

"In what can only be interpreted as intended retribution for U.S. and
European sanctions against Russia for its aggressive actions in Ukraine,
this crime shop has named its newest batch of cards “American Sanctions.”
Stolen cards issued by European banks that were used in compromised US
store locations are being sold under a new batch of cards labeled “European
Sanctions.”"

(Actually, even if these hackers do indeed prove to be from or sympathetic
to Russia, there is one other possible interpretation for their actions:
They're greedy thieves who intended this for their own gain anyway, but
decided to claim patriotic, love-of-country motivations because – hey, why
not?)

According to Krebs, there's no information yet confirming how limited or
widespread the breach is, but early reports indicate all 2,200 Home Depot
locations in the United States were affected. At 1:50 on Monday afternoon
(Eastern time), Krebs updated his initial report to say:

"Several banks contacted by this reporter said they believe this breach may
extend back to late April or early May 2014. If that is accurate — and if
even a majority of Home Depot stores were compromised — this breach could
be many times larger than Target, which had 40 million credit and debit
cards stolen over a three-week period."

If you have made a credit- or debit-card Home Depot purchase at any time
since last April, contact your bank or card issuer at once, and take all
necessary identity-theft precautions.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 
