Home Depot Hack Dethrones Target as Largest Data Breach

Would your organization have a plan in place?

The Target hack has been dethroned known as the largest data breach after less than a year following Home Depot’s revelation that some 56 million credit and debit cards were exposed to hackers due to an assault via customized malware.

The Wall Street Journal’s Robin Sidel reports:

Home Depot Inc. said 56 million cards may have been compromised in a five-month attack on its payment terminals, making the breach much bigger than the holiday attack at Target Corp

It was the first time the do-it-yourself retailer had defined the scale of a breach it said it was alerted to on Sept. 2. It also said for the first time that the malware has been eliminated from its systems.

The attack further highlighted the vulnerability of U.S. retailers to hackers that have been targeting their payment systems. Home Depot began a project to fully encrypt its payment terminal data this year, but was outpaced by the hackers, people familiar with the matter have said. The company said Thursday that the project is now complete in the U.S.

Home Depot claims to have cut hackers off from its system and eliminated the malware, as well as installing a new encryption system for payment data. While those are important steps to take, even more, urgent is the need for all organizations to realize that no matter the precautions they take, they ARE vulnerable to any data stored on computers, or even hard copy sitting in file cabinets, being stolen.

When the question is not if, but when, suddenly the need to prepare crisis management plans for the worst case becomes much more pressing. Don’t wait until you’re already taking damage to figure out what Step 1 should be.

Jonathan & Erik Bernstein