Advertisement

Home Depot hackers stole 53 million email adresses on top of credit card info

The hackers that got into Home Depot's computers didn't only steal 56 million credit card details -- the company has recently discovered that they also got away with 53 million email addresses. According to the retailer, no passwords were stolen along with the email ads, but it still wants to warn customers, in case they receive some phishing emails in their inbox. So, if you have Home Depot-loving family or friends who aren't as tech-savvy, make sure remind them not to click on dubious links sent to their emails and to activate two-factor authentication when available. In addition to finding out that its customers' emails had been pilfered, Home Depot now also knows how the perps got into their system in the first place.

Apparently, the high-tech thieves got a hold of a refrigeration contractor's log-in credentials, which granted them entry into Home Depot's computers. From there, they managed to worm their way into point-of-sale systems, mostly the self-checkout lanes, by taking advantage of a Windows vulnerability. That's where they installed malware to harvest personal data: malware that remained undetected until the hackers got bolder and sold the victims' credit card info during Labor Day this year. Both Microsoft and Home Depot claim they've already patched the holes in their system. The retailer said it's also added tough encryption to customers' payment data and that it plans to transition to chip-and-PIN technology in the near future.