Confirmed: Hackers Breached Home Depot

Home-improvement company doesn't divulge many details
By Neal Colgrass,  Newser Staff
Posted Sep 8, 2014 5:20 PM CDT
Home Depot: Yes, Hackers Breached Our System
A Home Depot sign is shown on Tuesday, Aug. 14, 2012, in Nashville, Tenn.   (AP Photo/Mark Humphrey)

Home Depot admitted today that hackers really did breach the company's payment systems in US and Canadian stores and may have been breaking in since April, the Wall Street Journal reports. The Atlanta-based home-improvement chain said it investigated the hack with banks, law enforcement, and tech security companies like Symantec. The company promised that no customers would end up paying "fraudulent" charges, but it didn't say how many accounts were hacked or how long the hackers had access to the system, the Atlanta-Journal Constitution reports.

Krebs on Security, which broke both the hack and the probe results, reports that the same hackers who got their hands on 40 million Target customer accounts last year may have struck Home Depot. They used a variation of the same software, BlackPOS (or "Kaptoxa"), which was invented by a Russian teenager two years ago. What's more, Home Depot customer card numbers have already shown up on the black-market cybercrime website Rescator.cc, where millions of cards from the Target hack were sold. Designed to breach point-of-sale systems that use Windows, BlackPOS can disguise itself as part of the system's antivirus software, reports Trend Micro. (More Home Depot stories.)

Get the news faster.
Tap to install our app.
X
Install the Newser News app
in two easy steps:
1. Tap in your navigation bar.
2. Tap to Add to Home Screen.

X