Home Depot Hackers Exposed 53 Million Email Addresses

Shelly Banjo of the Wall Street Journal breaks down the latest report on the Home Depot security breach from April. Not only were 56 million credit cards compromised, but 53 million email addresses were taken as well.

Banjo discusses the the details of the hack and the criticism levied against Home Depot: that it acted too slowly, failed to segment parts of its data systems from outside vendors and that it focused too much on known threats rather than novel security breaches.

Once inside Home Depot’s systems after gaining credentials from the outside vendor, the hackers were able to jump the barriers between a peripheral third-party vendor system and the company’s more secure main computer network by exploiting a vulnerability in Microsoft Corp. ’s Windows operating system, the people briefed on the investigation said.

Microsoft issued a patch after the breach began, and Home Depot installed it, but the fix came too late, the people added. Afforded such access, the hackers were able to move throughout Home Depot’s systems and over to the company’s point-of-sale systems as if they were Home Depot employees with high-level permissions, the people said.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s