About a year ago, Target made headlines after it revealed millions of shoppers had their credit card information stolen by hackers. The old cliché is true: history repeats itself. This time, it’s Home Depot that has had to drag its heels to the proverbial podium and admit millions of their customers’ sensitive information has been compromised. Home Depot announced back in September that they suffered a serious security breach, the extent of which was unknown at the time.
On Thursday, November 6th, Home Depot revealed to the public just how bad the breach was. Their investigators estimate that hackers have acquired the credit card numbers of 56 million customers and the email addresses of 53 million customers.
Home Depot was infiltrated by hackers who accessed their system using credentials stolen from a third-party vendor. This is also how Target was hacked, with an employee at one of Target’s third-party vendors, a Pennsylvania heating and air conditioning company, opening up an email that contained a virus that stole the vendor’s remote access information for Target. Once the hackers got into Target’s system, they exploited a vulnerability in Microsoft Windows to access millions of credit card numbers and email addresses.
Most online purchases require the three-digit CRV code of a credit card, and these were not stolen. The original Home Depot hackers sold off the credit card numbers and emails on underground black market online forums. The buyers of the information then engaged in phishing scams to try and glean those CRV codes and other information so they can profit off their stolen information.
Home Depot has warned customers to be suspicious of any emails they receive with too-good-to-be-true offers or anything else that tries to bait them into clicking a link. Home Depot Project Loans cardholders were awarded a $50 gift card to the store as a conciliatory gesture. Home Depot is also in the process of trying to contact customers who they have confirmed have had their information stolen.
Given that it took months for both Target and Home Depot to figure out they were being hacked, who knows how many major retailers out there are currently compromised. For the absolute best protection, one should stick to cash.
Better yet, get off the grid altogether. Bathe in the river. Live off the land. Hook your credit card to a fishing line and use it as a lure: the plastic catches the sunlight well, which attracts fish. In this age of warrantless wiretapping and social media obsessives and online communities of identity thieves, no secret is safe.
Dropping out of society like Thoreau or Salinger may be the only way to completely protect your personal information, but if that’s not for you, here’s a few tips:
To learn more about the Home Depot data breach, give us a call at (604) 986-8170 or send us an email at email@example.com. Compunet InfoTech will help you stay up-to-date on the latest threats and data breaches that impact your security.
Author: Joe Martin, Date: 2014-11-12