Civil Rights
Block on Trump's Asylum Ban Upheld by Supreme Court
Home Depot announced a data breach earlier this month but provided few details. On Thursday, the company announced the breach may have affected as many as 56 million payment cards.
The breach is being blamed on malware that was present in the store's registers from April to September, though the malicious software was confirmed as eliminated on Thursday, reports Business Insider. During these five vulnerable months, tens of millions of unique payment card credentials were at risk, and the customers holding those cards may want answers.
What can your business learn from this Home Depot breach?
Since it began its investigation on September 2, Home Depot has since learned much more about the data breach that has potentially affected millions of customers. In a press release Thursday, the home improvement retail chain confirmed that:
The "custom-built" portion may seem irrelevant, but there was some speculation that the malware used for the Target data breach was the same one present in Home Depot. If that were the case, Home Depot's cybersecurity team may have been negligent in shoring up its digital defenses against a known malware threat.
Although it may be a little too late, Home Depot also announced that it began a new payment data encryption project in January, one which was officially rolled out on September 13. Home Depot promises this new security protection takes payment card info and "scrambles it to make it unreadable and virtually useless to hackers." The company also plans to make use of "Chip and Pin" technology by the end of the year.
So what should your company take away from this Home Depot breach? Here are three reminders:
It's also possible that this breach was less serious than Home Depot is reporting, but when faced with cybersecurity threats, your business needs a robust response.
Follow FindLaw for Consumers on Google+.
Related Resources: