US home-improvement retailer Home Depot is investigating “unusual activity” regarding its customer data, following a report by investigative security journalist Brian Krebs that the company may have suffered a payment-card breach that started in April or May and that may affect all 2,200 US stores. He discovered details about the incident from a posting on a black market forum. Home Depot spokeswoman Paula Drake said if the company confirms that a breach has occurred, it will notify customers immediately. Krebs noted that it appears the hackers responsible “may be the same group of Russian and Ukrainian hackers responsible for [earlier] data breaches at Target, Sally Beauty, and P.F. Chang’s, among others.” . If the breach indeed began in late April or early May 2014, he added, “and if even a majority of Home Depot stores were compromised, this breach could be many times larger than [the] Target [incident], which had 40 million credit and debit cards stolen over a three-week period.” (BBC)(Krebs on Security)
