Home Depot: Breach cost $62M, exposed 56M cards

September 19, 2014

Phil W. Hudson

The Home Depot Inc.’s Sept. 2 data breach will cost the company $62 million and is estimated to have put information at risk for 56 million payment debt/credit cards.

The Atlanta-based home improvement retailer (NYSE: HD) on Thursday confirmed the malware used in its recent breach has been eliminated from its U.S. and Canadian networks. The company said it has completed a major payment security project that provides enhanced encryption of payment data at point of sale in the company’s U.S. stores, offering new protection for customers.

Home Depot operates more than two dozen stores across greater Phoenix.

“We apologize to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges,” Frank Blake, chairman and CEO, said in a statement.

After learning about the breach, Home Depot’s IT security team, its IT security firm partners, its banking partners and the Secret Service determined the hackers used unique, custom-built malware to evade detection. The malware had not been seen previously in other attacks, according to Home Depot’s security partners.