The latest victim of Russian hackers specializing in point-of-sale (POS) theft appears to be the venerable do-it-yourself store, Home Depot.
A large cache of credit- and debit-card information, dubbed ‘American Sanctions,’ has appeared in an underground forum previously used to hawk card data from compromises at Target, P.F. Chang’s and Sally Beauty, according to independent security researcher Brian Krebs.
“Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this morning in the cybercrime underground,” he said in a blog. “It is not clear at this time how many stores may be impacted, but preliminary analysis indicates the breach may extend across all 2,200 Home Depot stores in the United States. Home Depot also operates some 287 stores outside the U.S., including in Canada, Guam, Mexico and Puerto Rico.”
Home Depot spokesperson Paula Drake confirmed that the home improvement giant is investigating a breach possibility.
“I can confirm we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” she said in a statement shared with media. “Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has occurred, we will make sure customers are notified immediately. Right now, for security reasons, it would be inappropriate for us to speculate further – but we will provide further information as soon as possible.”
If the company’s networks are shown to have been breached, it will be the latest in a string of incidents dating back to last fall, all carried out, it is believed, by the same group of Russian cyber-criminals. Typically the Track 2 card data is taken from the POS readers and sold, subsequently used by criminals to create counterfeit cards. Those criminals are then able to fetch a decent amount via card fraud in the days before a breach is reported. Fortunately, in the wake of so many breaches, the Dark Web locales where the purloined information is peddled are often now monitored by banks and the FBI, meaning that new batches of fresh card info tend to raise red flags sooner rather than later.
And clearly, we have entered a 'new normal' period with regard to data protection.
"Right now, the Home Depot hack is speculation," Jonathan Sander, strategy and research officer for STEALTHbits Technologies told Infosecurity. "Honestly, it doesn’t matter if it’s true. For everyone with any digital life, being hacked is the new normal. The iCloud incident is being hacked in our most personal moments. The JP Morgan hack is our financial life being hacked. And now even a trip to buy light bulbs in bulk is being hacked. We all need to assume that we may be exposed in everything we do. This is not something new, but it is new that we’re becoming collectively aware of this fact."