|
Home Depot sued by customer over data
breach
Send a link to a friend
[September 10, 2014]
(Reuters) - Home improvement
retailer Home Depot Inc <HD.N> has been sued over data breach by a
customer, saying the company failed to properly safeguard customer data
from hackers, a lawsuit filed in a Chicago federal court showed on
Tuesday.
|
|
 The lawsuit comes a day after Home Depot confirmed that its
payment security systems have been breached, potentially impacting
its customers in stores across the United States and Canada.
Illinois resident Kelsey O'Brien filed the lawsuit, seeking
class-action status, compensatory and punitive damages and credit
card monitoring services for a period of three years.
O'Brien said he used his credit card at two Home Depot stores on May
19 and June 2 and had his personal financial information exposed.
Home Depot had failed to comply with reasonable security standards
at the expense and to the severe detriment of its own customers, the
lawsuit said.
Several stolen card details were placed for sale on an underground
website notorious for offering stolen card data and were being used
to change the PIN numbers, it said.
 "We haven't seen the suit yet and right now we are focused on our
customers and the investigation, so it would be premature to
comment," Stephen Holmes, a Home Depot spokesman said.
The retailer said there was no evidence that online customers were
affected or debit personal identification numbers (PINs) were
compromised, but experts fear the attack could rival Target Corp's
<TGT.N> massive breach last year.
Home Depot said customers who shopped at its stores as far back as
April were exposed, suggesting the breach extended through the busy
summer season.
The company, which had said earlier it would roll out PIN- and
chip-enabled cards at all its U.S. stores, has promised free
identity-protection services, including credit monitoring, to any
potentially impacted customers.
[to top of second column] |
The breach was first reported by security website KrebsOnSecurity
last Tuesday. Krebs said on Sunday that Home Depot's systems were
hit by a variant of the same malware that compromised Target’s
systems last year.
Target's data breach weeks before Christmas led to theft of about 40
million credit and debit card records and 70 million other records
with customer details.
Two senators asked the federal government to investigate the Home
Depot breach and five U.S. states launched a probe into the matter
on Tuesday as fallout from last week's attack intensified.
Home Depot runs 2,266 stores across the United States and Canada.
The company's shares closed down about 2 percent at $88.93 on the
New York Stock Exchange on Tuesday.
(Reporting by Shailaja Sharma in Bangalore; Editing by Joyjeet Das,
Bernard Orr)
[© 2014 Thomson Reuters. All rights
reserved.] Copyright 2014 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
