The data hack of Home Depot estimated to include millions of stolen email addresses debit and credit cards has been traced to a Windows machine, the company has revealed.
The hardware retailer estimates that hackers stole 53 million customer email addresses from April to September, and that back in September some 56 million debit and credit cards were compromised from US and Canadian customers.
According to The Wall Street Journal, Home Depot has learned that the hackers used a Windows machine as a point of entry, from which they were able to spread the malware and collect customer data.
The Home Depot is just the latest in a number of large retailers that have made headlines following data hacking – the most notable being Target, which had some 40 million credit and debit card accounts compromised just prior to the Christmas rush last year.
Home Depot has stated that the file containing the email addresses did not contain passwords or other sensitive personal information, but did urge customers to be on guard against phishing scams that might trick them into sharing personal information.
A spokesman for Home Depot Canada says 64,000 Canadian email addresses were stolen.
With the popularity of point-of-sale systems for businesses large and small, the threat posed by data hacking and frequency of successful hacks are just one more example brokers can show business clients for the need of cyber liability insurance.
It was on September 2 that the U.S. Secret Service told Home Depot that hackers were already selling credit card numbers on the black market, and that the hackers initially accessed its network from a third-party vendor with a vendor's username and password.
Home Depot is one of several retailers that have reported large hacks over the past year. Target's pre-Christmas 2013 breach compromised 40 million credit and debit cards and hurt sales and profits. Michaels, SuperValu and Neiman Marcus have also reported breaches. Shoppers appear to have grown numb to the problem.
