Recently, news has come to surface that the Home Depot Inc. might have been hit by hackers. Information of customers has likely been hacked. The well-known home improvement product retailer reported that it was collaborating with bank officials and security professionals, but was not in a position to confirm whether a data breach actually took place or not.
After Brian Krebs, the security journalist, reported that Home Depot’s customer data might have been compromised by hackers, the company spokesperson Paula Drake told that the moment they came to know about the possibility of data breach, their security staff, as well as forensics staff, started working to minimize risks.
In case hackers really stole information regarding cards and payments, the retailer will join companies such as Target Corp., Michaels etc.
Aleksandr Yampolskiy from Security Scorecard Inc. has a view that no matter how hard large corporations try, it is not possible to prevent security breaches altogether, although reduction of such events is certainly possible with the right measures. The expert feels that many weak links that a corporation has are simply too much to handle, and so if a hacker is truly determined, he can eventually succeed.
A small percentage of the known retailers in the US feel that embracing cards that have embedded chips may reduce the chance of encountering a hack, as such cards provide better security compared to cards that have magnetic strips and store personal data.
Underwriter Nick Economidis, at Beazley, thinks that the absence of chip cards is one of the main reasons why most breaches and frauds are aimed at the US, as opposed to the European countries. But since EMV implementation all over the country is likely to take years, and attract millions, or even billons, of dollars for successful completion, such a measure cannot be expected to be present everywhere very soon.
Yampolskiy and other experts think that most corporations and retailers are not doing enough to prevent security breaches in the first place. Interestingly, SecurityScorecard gave Home Depot just a C in terms of how secure it was, as opposed to giving a B to Costco and Wal-Mart.
While the average time taken for cleaning up malware for the retail industry is just 1 day, Home Depot has been known to take nearly 1.3 days in order to eliminate any malware from its system. Besides, various vulnerabilities were discussed by hackers on the Atlanta website of the retailer from as early as 2008!