Cybersecurity isn’t an easy fix that only requires WD-40 and duct tape, and retailer Home Depot Inc. is learning this lesson the hard way.
Home Depot announced on Sept. 2 that it is looking into “unusual activity” that could indicate a possible breach of customer credit card and debit card data. The company is investigating the potential breach along with banks and law enforcement.
The company said it has not determined yet whether or not a breach has in fact occurred, and that it is unknown how many stores or customers have been affected. However, if the investigation reveals that a breach did indeed occur, Home Depot said that it would notify affected customers immediately.
“Protecting our customers' information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers,” said spokeswoman Paula Drake. Home Depot added on its company website on Sept. 3, “We know that this news may be concerning and we apologize for the worry this can create.”
According to cybersecurity reporter Brian Krebs, some banks working with Home Depot believe the breach may extend back to April or May 2014. In addition, Krebs writes, “preliminary analysis indicates the breach may extend across all 2,200 Home Depot stores in the United States.”
Given the breadth of Home Depot’s operations, the breach has the potential to be one of the largest in recent memory. According to the Wall Street Journal, Home Depot is the fourth-largest retailer in the U.S. by revenue, behind only Wal-Mart, Costco and Kroger.
In late 2013, retailer Target faced a similar cyber attack, resulting in the breach of 40 million customer credit and debit cards. The attack led to a number of lawsuits against the company, as well as the appointment of a new CEO. In the past 12 months, Neiman Marcus and P.F. Chang’s China Bistro have also been targets of high-profile cyberattacks.