Leading Retailer Home Depot Gets Hacked

Home Depot, the world’s largest chain of home improvement stores, reported that hackers stole 53 million e-mail addresses from their system, as well as the data for 56 million bank cards used for payments in their stores in the US and Canada.

The breach was confirmed in September although company representatives contended that the information stolen did not include any passwords or sensitive personal information, and was not sufficient to provide the hackers with direct access to Home Depot’s point-of-sale devices.
Home Depot was only one of several US retailers who have been targeted by hackers over the past year. In 2013, Target Corporation had about 40 million payment card numbers stolen from their system, along with another 70 million pieces of customer data.

The company responded by implementing enhanced data encryption in their stores throughout the US, with a plan of completing the rollout in Canada by early 2015. Critics argue that Home Depot’s measures have been simply aesthetic and don’t offer customers real security. A reliable solution would require that US credit cards used at the stores had chip and pin, or EMV technology. Home Depot responded by saying that they are rolling out EMV technology, although it still remains unclear when this rollout will be complete.

The theft will cost the corporation an estimated US$62 million, but Home Depot is still forecast to grow about 4.8% from last years’ earnings, which amounts to about US$4.54 per share. The forecast includes cost estimates for the ongoing investigation into the data breach, the provision of credit monitoring services for customers and legal fees.

The company’s ongoing growth indicates that, whether due to ignorance or faith in Home Depot’s interventions, people are continuing to shop there regardless of the breach. However, the company has admitted that they expect the episode to have a “material adverse affect on The Home Depot’s financial results in the fourth quarter of fiscal 2014 and/or future periods”. Company representatives also stated that they have not yet estimated the impact of “probable losses” due to the breach.

The incident may make us wonder about the safety of swiping our credit cards at the simple local shop around the corner when the complex systems of leading corporations can have their systems hacked.