Expert: Home Depot email hack may lead to ID thefts

November 7, 2014

Marie Szaniszlo

Two months after it revealed that 56 million of its customers’ debit and credit cards had been compromised, Home Depot yesterday disclosed that hackers also stole 53 million email addresses — information that, coupled with customers’ financial data, could be used to hack their family and friends, as well as banks, businesses and government agencies, one expert said.

“This is the new crime wave of the 21st century,” said Anthony Roman, president of Roman & Associates, a global investigative and security consulting firm. “It’s an emerging style of robbery and warfare.”

Home Depot said the hacked file containing the email addresses did not contain passwords or other sensitive personal information. However, Roman said that once hackers have an email address, they can send emails embedded with a virus, and if the recipients open the attachment, their computers become infected, allowing the hackers access to those people’s passwords, contacts and all of the other information on their computers.

“With financial data like your debit or credit card, the implications are clear. If they now have your email address, it makes it easier for them to assume your identity because they can now communicate with your family, your friends, your bank, your mortgage company, your place of business, posing as you,” he said. “And by embedding viruses in all of those people’s computers, they can create a super computer called a botnet and use that computing power to steal corporate secrets and business plans and attack institutions and government agencies.”