Home Depot Acknowledges Another Insider Breach

Home Depot recently began notifying fewer than 500 customers that their credit card information was stolen by a former employee (h/t DataBreaches.net).

From May 7, 2014 until May 21, 2014, the employee, who was authorized to have access to computer systems, leveraged that access to obtain credit card information from Home Depot tool rental transactions.

For less than 500 cards, the employee provided the following stolen information to third parties: name, address, phone number, birthdate, card brand, card account number, and card expiration date.

The employee also accessed the same information for an additional 30,000 accounts, though that information doesn’t appear to have been provided to third parties.

“The associate did not hack our systems, rather, he took advantage of access that was required by his job responsibilities,” senior corporate counsel Stacey Keegan wrote in the notification letter [PDF]. “His access to our systems has been terminated and his electronic devices have been seized by law enforcement.”

All those affected are being offered one free year of identity protection services from AllClear ID.

In February of 2014, three Home Depot human resources employees were arrested for allegedly accessing employees’ information and using it to apply for fraudulent credit cards.

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles