Home Depot breach could be largest yet

New York -- Home Depot officially confirmed that in-store payment systems at its U.S. and Canadian stores had been hacked in a breach that potentially could be one of the biggest attacks yet. The chain said malware was used in the hack.



Home Depot did not specify how many cards might be affected, but a report in the New York Times said the total number of credit card numbers stolen could top 60 million, and may involve consumers who shopped at Home Depot stores from as long as April to early last week. The massive data breach last year at Target impacted some 40 million cardholders.



"We apologize for the frustration and anxiety this causes our customers, and I want to thank them for their patience and support as we work through this issue," chairman and CEO Frank Blake said in a statement.



Home Depot’s IT department is looking into the breach and it is also working with security firms Symantec and FishNetSecurity its banking partners, and the U.S. Secret Service to investigate the breach. The retailer has assured customers they would not be held responsible for fraudulent charges to their accounts.



The company is offering free identity-protection services for anyone who used a payment card at a Home Depot store.



The breach at Home Depot was first reported by security blogger Brian Krebs who wrote reported "evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards."