Another Home Depot Data Leak
Home Depot is once again in the news for compromising shopper data. The Consumerist reported late last week that the company accidentally posted spreadsheets on its website, which contained the personal information of 8,000 customers.
While the 13 Excel spreadsheets did not contain any financial information or Social Security numbers, it did contain shoppers’ full names, emails, mailing addresses and transaction details. The files were unencrypted and could be found via search engines. Unfortunately, none of this information is legally protected.
A company spokesperson said the information was taken down as soon as it was discovered; however, the company does not know how long the spreadsheets had been posted.
In a statement, Home Depot said the records were posted as a result of human error and that while they take the matter “very seriously,” they find it unlikely cybercriminals could use this information for fraud or identity theft. However, cybersecurity expert Brian Krebs said this sort of information could be used for “pretexting,” which is a scam where the hacker convinces a victim that they have a pre-existing relationship. The scammer then uses that information to trick the victim into providing more valuable personal information.
The shoppers on the spreadsheet appear to have been individuals who have logged a complaint using Home Depot’s MyInstall program. Concerned customers can call Home Depot’s main hotline at 800-466-3337 to inquire as to whether their information was released on this spreadsheet.