Home Depot Hack Leads to Breach of Credit Cards for All Customers

It seems quite unreal, just a few weeks ago I wrote a blog post of what it is like to go through the process of being hired as a security analyst, and what exactly you’ve to do in order to be noticed by agencies such as FBI, CIA and more. Clearly, the demand for ethical hackers is going to increase rapidly.

Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this morning in the cybercrime underground. Home Depot says that it is working with banks and law enforcement agencies to investigate reports of suspicious activity. — Krebs

Looks like there is strong evidence showing that Home Depot U.S has been breached, and as many as all customer credit card details have been exposed to hackers, and are actually available for purchase on an online black market that goes by the name of Rescator.


Hacking of this scale can really put people off, and because there is strong evidence showing that the actual hacking and breach of these credits cards is authentic, we should expect people to gradually demand for more advanced security techniques. Raw credit card data on a major retailer like Home Depot? I don’t think any press release is going to cover that major of a fuck-up!

Home Depot has not yet said for certain whether it has in fact experienced a store-wide card breach; rather, the most that the company is saying so far is that it is investigating “unusual activity” and that it is working with law enforcement on an investigation.

I have just taken a look at these credit card dumping sites, and they look downright ridicilous. Unfortunately, I’m not going to link out to all the available resources, as that would probably create unnecessary emotions, but here is a post about this on Hacker News; there is a lot of insight to be found there.

I’m looking forward to the development of this story, and perhaps Home Depot will find the courage to admit their poor choice of security layers.