BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Home Depot says 56 million payment cards exposed in data breach

Home Depot says 56 million payment cards exposed in data breach

Home Depot Inc. on Thursday said the malware used in its recent breach, which it said has put about 56 million payment cards' information at risk, was custom-built and has now been eliminated from its U.S. and Canadian networks.

The Atlanta-based home improvement retailer said it has also completed a major payment security project that provides encryption of payment data at point of sale in the company's U.S. stores, which it said provides significant new protection for its customers.

Home Depot said in its announcement that the criminals used “unique custom-built malware” to evade detection and that it had not been seen previously in other attacks, according to the retailer's security partners. It said the malware is believed to have been present between April and September 2014.

Home Depot, which said it has been working with the U.S. Secret Service on the breach, said any terminals identified with malware were taken out of service to protect customer data until the malware was eliminated, and the company “quickly put in place other security enhancements.”

It said the hackers' method of entry has been closed off and the malware has been eliminated from the company's systems.

The retailer said the company's new payment security protection locks down payment data through enhanced encryption, which takes raw payment card information and scrambles it to make it unreadable and “virtually useless” to hackers.

The company's new encryption technology, which was provided by Cupertino, California-based Voltage Security Inc., has been tested and validated by two independent information technology security firms, the company said.

Home Depot said the rollout of the encryption technology was completed in all U.S. stores on Sept. 14 and will be completed in its Canadian stores by early 2015. It said the projects involved deploying nearly 85,000 new pin pads to stores.

The statement said also that Home Depot's Canadian stores are already enabled with EMV “chip and PIN” technology. This is smart-chip technology more widely used in Europe that has embedded microprocessor chips that store and protect cardholder data. It is named after its original developers — EuroPay, MasterCard Inc. and Visa Inc. and is an alternative to the magnetic strip now more commonly used on payment cards in the United States.

Home Depot reiterated, as it has announced previously, there is no evidence that debit PIN numbers were compromised or that the breach has impacted stores in Mexico or customers who shopped online at or

Home Depot is offering free identity protection services, including credit monitoring to any customer who used a payment card at a Home Depot store from April 2014 on.

Home Depot has $105 million in cyber insurance, according to market sources.

Read Next