Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Home Depot agrees to $17.5m settlement in 2014 data breach

Home Depot has reached a $17.5 million settlement with the attorney generals of most U.S. states over a 2014 data breach in which the payment card information of some 40 million customers was exposed

Via AP news wire
Tuesday 24 November 2020 15:26 EST
Home Depot Data Breach Settlement
Home Depot Data Breach Settlement (Copyright 2020 The Associated Press. All rights reserved.)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Home Depot has reached a $17.5 million settlement with the attorney generals of 46 states and the District of Columbia over a 2014 data breach that exposed the payment card information of some 40 million customers.

The Massachusetts Attorney General’s office detailed the settlement in a statement Tuesday, saying Home Depot agreed under its terms to employ a full-time chief information security officer among other measures.

Cybercriminals hacked into Home Depot’s self-checkout point-of-sale systems using a third-party vendor’s username and password and installed malware that harvested the customer data from April through September 2014.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in