Everything You Need to Know About the Home Depot Data Breach

Via New York Times http://www.nytimes.com/2014/09/04/technology/path-of-stolen-credit-cards-leads-back-to-home-depot.html

Via New York Times

What happened?
Targeted by cyber criminals, Home Depot has been the latest victim in a major credit card data breach. It is estimated that this attack effects thousands of consumers’ credit and debit card information. Should the evidence uncovered so far prove to be valid, the hack could be bigger than last year’s record-setting Target breach.

What information did they get?
As of right now, the answer to this question is unclear. However, it can be assumed that the hackers have access to all typical billing information such as: the cardholder’s name, card number, billing zip code, security code and expiration date.

Where is the stolen information being used?
According to the New York Times, thousands of fresh credit and debit card numbers have surfaced on so-called carding sites, which are websites where stolen credit card data is sold. On these sites, hackers are selling the stolen account information for as much as $50 per card. From here, cyber criminals can use this information for anything from illegal online purchases to identity theft.

Should I be concerned?
While Home Depot is working hard with law enforcement and their banking partners to get this under control, if you have shopped at Home Depot with either a credit or debit card, you should be on the lookout for any usual activity.

What should I do now?
If you have shopped at Home Depot and used a credit card, keep a close eye on your statement. Any unfamiliar charges should be immediately reported to your financial institution.

If you used a debit card at Home Depot, you may want to ask your bank to issue you a new account number and consider moving any money you can to another account. Unlike credit cards, any unlawful purchases on your debit card comes directly from the cash in your bank account. This could cause an overdraft and/or leave you without money. While most financial institutions replace the stolen money, it rarely happens quickly. 

Finally, the information gathered by the hackers could be used in a later attack – such as a phishing email. Be suspicious of any email, phone call or text that claims to be your bank, Home Depot or law enforcement. Avoid clicking any links or replying with any personal information.

 

DSS and AuthentiSite have solutions that would help put an end to these cyber attacks. To learn more, please visit www.AuthentiGuard.com 

To sign up for our free informational webinar please click here.

Advertisements

Today’s Growing Cyber Threats

cybersecurity

Earlier this week, in what some are calling the “biggest internet heist in history”, Russian hackers amassed over one billion username and password combinations and more than 500 million email addresses.

This comes not even a year after 40 million credit card numbers were stolen from Target and cyber criminals attacked Adobe’s databases – causing experts and consumers alike to wonder if keeping personal information out of the hands of thieves is a losing battle.

What do these thieves want with your usernames and passwords? For the Russians in particular, they were using the logins to spam weight loss ads on social media accounts for, what is believed to be, third party groups. Although some credentials have been sold to the black market, many remain in the hands of the Russian Gang. Should these professional criminals decide to sell the information, it would be very lucrative for the gang.

While a credit cards can be cancelled, things such as an email address or social security number are easy targets for identity theft. Consumers tend to use the same email and passwords for several different websites. Criminals take these credentials and test them on websites that hold valuable information, such as banks or brokerage firms.

“Companies that rely on usernames and passwords have to develop a sense of urgency about changing this,” said Avivah Litan, a security analyst at the research firm Gartner. “Until they do, criminals will just keep stockpiling people’s credentials.

This is where DSS’s AuthentiSite Solution comes in. By implementing AuthentiSite, consumers will know they are on a trusted website, and brand owners will be able to verify it is a customer, not a hacker, on their website.

For example; John Smith will be able to verify he is on his trusted banking website (not a fake, phishing site) and the bank will be able to verify that John Smith is accessing his own account.

It all starts with our patented Prism mark. This mark’s security technology is tied into our secure server making it virtually impossible for criminals to duplicate the mark on illegal or fraudulent websites.

If you are interested in learning more, please sign up for our free, informational webinar on September 8th at 2pm EST. During this webinar, industry experts will discuss AuthentiSite and how the program is being continuously developed to end cyber attacks.

To register, click here.

In the meantime, to learn how AuthentiGuard can help protect brand owners and consumers alike, please visit www.AuthentiGuard.com

Source