Home Depot Data Breach, How Did it Happen

  • By David Lukic
  • Dec 18, 2020

Cybercriminals can break into any system; this was proven by the Home Depot data breach of 2014. More than 50 million people were affected by the Home Depot data hack during which a hacker used malware to infect self-pay kiosks and steal names, email addresses, credit card numbers, security codes and expiration dates. The incident affected both American and Canadian citizens. Investigators believe that a variant of the same malware (BlackPOS) used to infiltrate Target was used to steal millions of credit cards from Home Depot. The warehouse giant was criticized for not responding to the breach sooner and for taking its time to report the incident to affected customers and the authorities. Additional details indicate that the hacker used stolen vendor credentials to get into Home Depot’s system to install the malware

home depot data breach


When Was the Home Depot Data Breach?

The Home Depot data breach took place between April 2014 and September 2, in both the U.S. and Canada. Malware was installed on self-checkout terminals, and that is how the criminals were able to steal names and credit card information for more than 50 million customers. 


How to Check if Your Data Was Breached From Home Depot Hack

Home Depot notified all affected customers by mail of the data breach. Their letter included information on what to do if the hackers used your information to steal money. Banks announced a spike in ATM withdrawals after the breach, even though Home Depot claimed debit card PINs were not taken. The best way to check to see if your data was breached is to review your bank and credit card statements from April 2014 and beyond. Look for any unauthorized activity. You should also get a copy of your credit report and look for accounts that you did not open. 


What to Do if Your Victim of Home Depot Data Breach

If you shopped at Home Depot between April of 2014 and September 2014 and you used a self-checkout cash register, you were most likely affected. By now, you should have canceled the credit or debit card you used and had the bank reissue you another one. You should have reviewed your bank and credit card statements and also checked your credit report. Additionally, since phishing scams are the result of many of these data breaches, you should make sure your computer is clean by installing antivirus software and running a deep scan. 


Home Depot Data Breach Lawsuits and Settlements

At the time, 57 class-action lawsuits were filed in both the U.S. and Canada. The courts in Atlanta, Georgia, consolidated them. In 2016, Home Depot agreed to a $25 million settlement to reimburse customers for fraud and damages due to the data breach. Additionally, they have beefed up their security and hired a private cybersecurity company to oversee their operations. You can review the settlement document here, but the time to file has passed. They provided a short 120-day window to file claims. 

home depot security breaches


Can The Home Depot Data Breach Cause Identity Theft?

Absolutely! Hackers don’t need much to begin an identity theft campaign, which may include acquiring additional information from the dark web, phishing scams, and other tactics to obtain the information they need to steal your identity and open lines of credit or blackmail you for funds. Most breaches include names and email addresses, and some even include payment information like the Home Depot hack. With so many data breaches reported, it’s challenging to keep your identity safe these days, but there are things you can do to protect yourself. 


What to Do to Protect Yourself When Paying at Retail Locations


It would be difficult to give up paying with credit or debit cards at retail locations, but other ways to protect yourself are:

  • Use only a single card for retail or online shopping and scan the monthly statements carefully for any fraud or unusual activity.

  • Never give out your personal information to anyone unless you have to.

  • Keep an eye on your credit reports and sign up for credit monitoring with a reputable company like IDStrong.com.

  • Be on the lookout for phishing scams or strange sounding emails. 

  • Never click a link inside an email or download any attachments.

  • Keep your antivirus software updated and run frequent scans.

About the Author
IDStrong Logo

Related Articles

What is Data Leak and How to Prevent Accidental Data Leakage

Data breaches take many forms, and one of them is through data leak and accidental web exposure. M ... Read More

The Saga of T-Mobile Data Breach: 2013, 2015, 2021 and 2023 Hacks

T-Mobile has experienced a number of data breaches in the past decade. The first case occurred som ... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. ... Read More

Everything You Need to Know About Insider Data Breach

Data breaches are on the news frequently, but the average person doesn’t really know that mu ... Read More

The NSA Hack, How Did it Happen?

The National Security Agency (NSA) was the main attraction in a major data breach involving three ... Read More

Latest Articles

Health Organization Records Stolen via Welltok’s MOVEit - 930k+ Including Minors

Health Organization Records Stolen via Welltok’s MOVEit - 930k+ Including Minors

The number of victims caused by the global MOVEit data breach continues to climb; Welltok has announced more exposures, this time from three more health organizations.

MOVEit Breach Creates More Victims; 105k Records Stolen from Insurance Group

MOVEit Breach Creates More Victims; 105k Records Stolen from Insurance Group

"Pan American Life Insurance Group Building - New Orleans" by Tony Webster is licensed under CC BY 2.0. Source: Flickr

New York Healthcare Provider Notified 600k Following Network Cyberattack

New York Healthcare Provider Notified 600k Following Network Cyberattack

East River Medical Imaging (ERMI) has three locations in New York City and Westchester County.  ERMI is a "multi-modality radiology center," including patient-centered solutions like MRIs, CTs, ultrasounds, imaging, radiology, fluoroscopy, and x-rays.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address