Home Depot Credit Card Breach

Security analysts have discovered a large batch of credit cards posted onto a credit card resale website called rescator . Rescator [dot] cc is a website hosted in Russia for the purpose of selling stolen credit card information. The website lists batches of stolen data including information about where they were stolen from. The origin is used by the buyers so the card can be used in the same area of where the card is registered thus being less likely to be flagged as suspicious. Krebs on Security – a reputable cyber security blog – has taken the zip codes of the credit card batch and has found a 99% overlap with home depot locations. The high overlap suggests a strong likelihood that the source of the cards is from home depot. Home depot has yet to acknowledge that there has been a breach. Home depot has however, stated that they are currently investigating a potential breach. Home depot stated “If we confirm a breach, we will offer free identity protection services, including credit monitoring, to any potentially impacted customers.” leading many to believe that a breach has occurred. It is estimated that the breach occurred 3 to 4 months ago, yet it was only discovered once the information was put up for sale. There is speculation that this breach could effect more people than the notorious 2013 target breach as it effects all home depot locations. Latest reports state that the malware utilized in the attacks is an updated variant of the “blackpos” malware used to siphon credit cards from target points of sale in 2013.

-Ian Stubenbord

Source: http://krebsonsecurity.com/2014/09/home-depot-hit-by-same-malware-as-target/

http://krebsonsecurity.com/2014/09/data-nearly-all-u-s-home-depot-stores-hit/

https://corporate.homedepot.com/MediaCenter/Pages/Statement1.aspx

Advertisements