The home improvement retailer, Home Depot, has agreed to pay at a minimum $19.5 million to compensate consumers affected by the 2014 data breach.
Home Depot filed its preliminary settlement on Monday at a Federal Court in Atlanta where the company is based.
$13 million will be allocated to reimburse consumers for out-of-pocket losses, and at least, $6.5 million will be used to fund 1-1/2 years of identity protection services.
This breach affected U.S. and Canada consumers who swiped their payment cards at the self-checkout POS terminals between April & September 2014.
The company claims an intruder has able to successful infiltrate the computer network by using a vendor user name and password. The attacker was then able to use custom built malware to access Home Depot shoppers’ payment card credentials.
Among those affected include 40 million individuals who had their payment card data stolen and 52 million people who had their email addresses stolen.
The Home Depot data breach was one of the first notorious breaches to nearly cripple the retail industry, alongside the almost infamous Target breach back in 2014. POS terminals have continuously proven to be the easiest target for cyber criminals. The sensitive information stored on these devices is far too sensitive to leave unprotected without defense measures implemented.
The Home Depot breach could have been easily avoided by implementing a hardened build standard with precision change detection (the PCI DSS recommends using the CIS Benchmarks as the best hardening standard to adopt). Hardening coupled with breach detection technology (FIM-based Host Intrusion Detection system or HIDS), would ensure that, even if a breach was successful, at least you would be alerted of the issue immediately and be in a position to take action to prevent any card data loss.
In a world of constantly emerging threats, security is a tough job – but the concepts of best practice have been devised for a reason. The challenge for organizations is to attain that balance between unworkable change control practices and an anarchic environment that provides ample opportunities to hide. Closing the loop on change control delivers that vital visibility of all integrity changes but with just a fraction of the noise generated by traditional FIM implementation, enabling organizations to have far more confidence both in the validity of alarms and their ability to investigate and disarm.