After two weeks of investigation, The Home Depot has published confirmation that all POS malware has been eliminated from their stores. They also report that between April and September 2014, approximately 56 million unique payment card credentials were stolen. That makes the event the largest point of sale data breach on record. In addition, the company writes that the breach utilized a completely unique and custom malware, never seen before.
What you need to do: Check your credit and debit card records for transactions at the retailer between April and September 2014. If you shopped there during this time, you should cancel the card that was used and get a new one as soon as possible.
Home Depot’s official statement can be downloaded in PDF format here. Preliminary details from initial disclosure 2 weeks ago can be found on our blog.
Have a great (credit-fraud-free) day!