53 Million Email Addresses Also Stolen in Home Depot Breach
The extent of the Home Depot data breach deepened on Thursday when the company disclosed that hackers also stole 53 million email addresses.
In September, Home Depot confirmed that a whopping 56 million credit and debit cards were affected by the data breach.
In a statement, the company said criminals used a third-party vendor’s user name and password to enter the perimeter of Home Depot’s network. The hackers then acquired elevated rights which allowed them to navigate portions of the company’s network and to deploy unique, custom-built malware on its self-checkout systems in the U.S. and Canada.
The is believed to be the same Backoff malware used in the Target breach.
The stolen email addresses present a new problem for customers of the world’s largest home improvement chain. These consumers need to be on the alert for phishing e-mails. These are used to trick people into giving away more sensitive information. Consumers should never give out personal or financial information on any email or phone call that they have not initiated.
Home Depot had previously estimated the breach would cost the company $62 million.