Home Depot recently announced that a breach at its U.S. and Canadian stores, which took place over six month period, might have put 56 million payment cards at risk. This makes it the largest among the cyberattacks that targeted retailers over the past year. Home Depot also revealed that the malware behind the attack has been eliminated from the retailer’s systems. An investigation revealed that a custom-built malware was used which evaded detection once it got implanted.
Experts believe that organised gangs of cybercriminals are behind the string of breaches that affected U.S. retail stores. Some are even speculating such gangs to be of Eastern European origin.
Home Depot mentioned in the announcement that it has completed a major security deployment that fully encrypts its payment data at its point-of-sales terminals in U.S. stores. The security upgrade was launched in January of 2014 before the breach had begun. Home Depot expects to complete the roll out of a similar system in its Canadian stores by early 2015.
Home Depot’s Canadian stores are already enabled with EMV -- a more secure credit card technology. But it has not yet been widely deployed in the United States. Major payment processors have set an October 2015 deadline for retailers to install such measures or be liable for fraud caused by using outdated methods. Home Depot says EMV will be deployed in all of its U.S. stores by the end of the year.
The company is offering free identity protection and credit monitoring services to customers who made purchases at Home Depot store after April of this year. “We apologize to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges,” said Home Depot chief executive Frank Blake in a statement.
All the recent data breaches which includes Target Corp., Neiman Marcus, Sally Beauty Holdings Inc., Michaels Stores Inc. and P.F Chang’s clearly point out the fact that U.S. consumers are not safe and an enormous amount of work is to be done in the U.S. to stop data breaches. Highest amount of fraud happens in U.S., and hardly a month goes by when there isn’t a breach from some large U.S. retailer. U.S. lags in card security as compared to other countries.
A study has found out that Point-of-Sale (POS) is one of the most vulnerable locations and a large number of frauds occur every year at the POS. Many companies are trying to build solutions to prevent payments fraud. The study by Knowledgefaber estimates Payments Security Market in U.S. to be US $1,327 Million in 2013. The Payments Security Market includes Fraud Detection and Prevention (Back End) Solutions and End Point Security Solutions.