Advertisement

53M emails breached in massive Home Depot hack

'Our security systems could have been better,' says official.

By Mary Papenfuss
53M emails breached in massive Home Depot hack
Home Depot is now insituting more advanced encryption of payment data. (Home Depot/Facebook).

ATLANTA, Nov. 7 (UPI) -- Hackers swiped an astonishing 53 million email addresses at Home Depot — in addition to customer data for 56 million credit cards, which the company had previously revealed.

Passwords and payment card information were not accessed in the email hack, said Home Depot, but addresses can be used effectively in scams or to trick people into revealing more sensitive information.

Advertisement

The crooks used a third-party vendor's user name and password to get into the system and then obtained "elevated rights" to more sensitive data in the biggest-ever retail breach. The strategy was similar to the one used at Target, where hackers gained access last year via a refrigeration contractor's electronic billing account.

In a new twist, they installed malware on self-checkout registers, USA Today reported.

Retailers have been slammed by security experts for failing to isolate sensitive sections of their networks from those more easily accessible to outsiders. "If we rewind the tape, our security systems could have been better," said just retired chief executive Frank Blake.

The company has estimated the attack will cost some $62 million.

Since the attack last April, Home Depot has instituted enhanced encryption of pay data.

Advertisement

Latest Headlines

Advertisement
Advertisement

Follow Us

Advertisement