Bloggers focusing on the holidays despite the pandemic
Don't travel for Thanksgiving, officials advise, but if you're traveling anyway, here are the safest states

Home Depot to pay $17.5 million to settle huge 2014 data breach lawsuit

Home Depot Pin Oak Houston Self Checkout

Photo: WhisperToMe

The Home Depot will pay $17.5 million to resolve investigations into its 2014 data breach that exposed the payment card information of about 40 million Home Depot customers throughout the nation.

The breach occurred when hackers gained access to the company's network and put malware on its self-checkout system.

The malware allowed the hackers to obtain the payment card information of customers who used self-checkout lanes at The Home Depot stores throughout the United States between April 10, 2014, and Sept 13, 2014. 

“New Yorkers have every reasonable expectation that their personal financial information will remain private and protected,” said Attorney General Letitia James. “Instead of building a secure system, The Home Depot failed to protect consumers and put their data at risk.”

In addition to the settlement payment, The Home Depot has agreed to carry out data security practices to strengthen its information security program and safeguard the personal information of consumers.

Specific provisions include:  

  • Employing a chief information security officer who will report to the senior executives and board of directors on Home Depot’s security and security risks.
  • Providing the resources required to carry out the company’s information security program.
  • Providing security and privacy training to all personnel who have access to the company’s network or responsibility for consumers’ personal information.
  • Employing security safeguards for access controls, password management, two-factor authentication, firewalls, encryption, risk assessments, penetration testing, and vendor account management.

The company’s management of the security program will be evaluated through an information security assessment.

Forty-seven attorney general participated in the settlement. Among them, in addition to New York, are: California, Colorado, Connecticut, Florida, Illinois, Indiana, Massachusetts, Michigan, Ohio, Pennsylvania, Texas, Washington, and Wisconsin.


Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)