The hacking attack on retailer Home Depot may have affected 56 million credit and debit cards in Canada and the U.S., the company has admitted. Criminals used unique, custom-built malware to steal numbers from Home Depot’s point-of-sale systems, it said.
The do-it-yourself retailer has 180 stores in Canada and more than 2,200 in the U.S. The company said the previously unknown varietyof malware may have been in its payment systems from April to September of this year.
Home Depot said it has completed a security upgrade that should prevent any further breach of its systems. Terminals identified with the malware have been replaced and the malicious code has been eliminated from customer systems, it said.
Canadian credit and debit cards have chip technology that should protect customers, it said.
Home Depot said it has rolled out enhanced encryption of payment data to all its U.S. stores and plans to have the same safeguards in place in Canada by next year. Home Depot repeated its assurance that there is no evidence the cybercriminals gained access to customers’ PINs.