• Home

  • Documents

  • HOME DEPOT BREACH… · Home Depot acknowledged that its payment system was attacked by malware....
1
Home Depot says payment card purchases dating back to April may be at risk, meaning payment cards may have been vulnerable for a period of about five months. HOW LARGE IS IT? HOME DEPOT BREACH © Copyright 2014 Information Security Media Group Sources: Home Depot, Target Corp. View this infographic online http://www.databreachtoday.com/how-large-home-depot-breach-a-7320 ISMG Network Sources http://www.databreachtoday.com/home-depot-confirms-data-breach-a-7288 http://www.databreachtoday.com/target-breach-what-happened-a-6312 http://www.databreachtoday.com/home-depot-breach-linked-to-targets-a-7293 http://www.databreachtoday.com/home-depot-already-faces-breach-lawsuit-a-7282 WINDOW OF COMPROMISE "We cannot discount the possibility that the same group was responsible for both. Cybercrime outfits recruit various coders and are not tied down to a single methodology." –Al Pascual, Javelin Strategy & Research The home improvement retailer has confirmed a breach that potentially impacts customers in the U.S. and Canada. Just how many payment cards were compromised remains unclear. Here’s an overview on what we know so far, and how widespread this incident might be. LAWSUIT The home improvement retailer already faces a class action lawsuit. Plaintiffs allege Home Depot failed to meet its legal obligation to protect payment information and notify customers. QUICK FACTS MALWARE Home Depot acknowledged that its payment system was attacked by malware. While the high-profile Target breach is believed to have involved BlackPOS malware, security experts disagree about whether Home Depot was compromised by a BlackPOS variant. But even if the malware differs, the same attackers could potentially be involved in both breaches. COMPANY SIZE NOV 2013 2014 DEC JAN FEB MAR APR MAY JUN JUL AUG SEP NOV Compare that with the Target compromise, where 40 million payment cards were exposed between Nov. 27 and Dec. 15, approximately three weeks. HOME DEPOT TARGET 0 500 1000 1500 2000 2500 HOME DEPOT 1,977 retail stores in the U.S. 180 in Canada TARGET 1,797 stores in the U.S. 124 in Canada Online customers not affected Free ID protection and credit monitoring offered to customers No clear evidence debit PIN numbers were compromised

HOME DEPOT BREACH… · Home Depot acknowledged that its payment system was attacked by malware. While the high-profile Target breach is believed to have involved BlackPOS malware,

  • Upload
    others

  • View
    3

  • Download
    0

Embed Size (px)

Citation preview

Page 1: HOME DEPOT BREACH… · Home Depot acknowledged that its payment system was attacked by malware. While the high-profile Target breach is believed to have involved BlackPOS malware,

Home Depot says payment card purchases dating back to April may be at risk, meaning

payment cards may have been vulnerable for a period of about five months.

HOW LARGE IS IT?

HOME DEPOT

BREACH

© Copyright 2014 Information Security Media Group

Sources: Home Depot, Target Corp.

View this infographic onlinehttp://www.databreachtoday.com/how-large-home-depot-breach-a-7320

ISMG Network Sources

http://www.databreachtoday.com/home-depot-confirms-data-breach-a-7288

http://www.databreachtoday.com/target-breach-what-happened-a-6312

http://www.databreachtoday.com/home-depot-breach-linked-to-targets-a-7293

http://www.databreachtoday.com/home-depot-already-faces-breach-lawsuit-a-7282

WINDOW OF COMPROMISE

"We cannot discount the possibility that the same group was responsible for both. Cybercrime outfits recruit various coders and are not tied down to a single methodology."

–Al Pascual, Javelin Strategy & Research

The home improvement retailer has confirmed a breach

that potentially impacts customers in the U.S. and

Canada. Just how many payment cards were

compromised remains unclear. Here’s an overview on

what we know so far, and how widespread this incident

might be.

LAWSUITThe home improvement retailer already faces a class action lawsuit.

Plaintiffs allege Home Depot failed to meet its legal obligation to protect

payment information and notify customers.

QUICK FACTS

MALWAREHome Depot acknowledged that its payment system was attacked by

malware. While the high-profile Target breach is believed to have involved

BlackPOS malware, security experts disagree about whether Home Depot

was compromised by a BlackPOS variant. But even if the malware differs,

the same attackers could potentially be involved in both breaches.

COMPANY SIZE

NOV

2013 2014

DEC JAN FEB MAR APR MAY JUN JUL AUG SEP NOV

Compare that with the Target compromise, where 40 million payment cards were

exposed between Nov. 27 and Dec. 15, approximately three weeks.

HOME DEPOT TARGET0

500

1000

1500

2000

2500

HOME DEPOT

1,977 retail stores in the U.S.

180 in Canada

TARGET

1,797 stores in the U.S.

124 in Canada

Online customersnot affected

Free ID protection andcredit monitoring

offered to customers

No clear evidencedebit PIN numberswere compromised

http://www.databreachtoday.com/home-depot-confirms-data-breach-a-7288
http://www.databreachtoday.com/target-breach-what-happened-a-6312
http://www.databreachtoday.com/home-depot-breach-linked-to-targets-a-7293
http://www.databreachtoday.com/home-depot-already-faces-breach-lawsuit-a-7282
http://www.databreachtoday.com/home-depot-confirms-data-breach-a-7288
http://www.databreachtoday.com/target-breach-what-happened-a-6312
http://www.databreachtoday.com/home-depot-breach-linked-to-targets-a-7293
http://www.databreachtoday.com/home-depot-already-faces-breach-lawsuit-a-7282
http://www.databreachtoday.com/home-depot-confirms-data-breach-a-7288

LESSONS LEARNED Home Depot Security Breach - BSI … · LESSONS LEARNED Home Depot Security Breach Home Depot is an American retailer of home improvement and construction products

LESSONS LEARNED Home Depot Security Breach - BSI … · LESSONS LEARNED Home Depot Security Breach Home Depot is an American retailer of home improvement and construction products

Documents
Data Privacy: Hackers and Headlines - City of Phoenix Home · Target Breach – What We Know The malware used is nearly identical to a piece of malware sold on underground cybercrime

Data Privacy: Hackers and Headlines - City of Phoenix Home · Target Breach – What We Know The malware used is nearly identical to a piece of malware sold on underground cybercrime

Documents
How do Hackers Breach ATMs and Cash Registers?vox.veritas.com/legacyfs/online/veritasdata/9am... · 2 Anatomy of an ATM malware attack 3 ATM breach demonstration ... How do Hackers

How do Hackers Breach ATMs and Cash Registers?vox.veritas.com/legacyfs/online/veritasdata/9am... · 2 Anatomy of an ATM malware attack 3 ATM breach demonstration ... How do Hackers

Documents
Zero-day Malware Prevention Infographicmedia.zones.com/images/pdf/infographic-not-today-zero-day.pdf · 1. McAfee Labs, Q2 2016 2. Verizon's 2015 Data Breach Investigations Report

Zero-day Malware Prevention Infographicmedia.zones.com/images/pdf/infographic-not-today-zero-day.pdf · 1. McAfee Labs, Q2 2016 2. Verizon's 2015 Data Breach Investigations Report

Documents
2019 Trustwave Global Security Report€¦ · The size of the percentage increase in coin-miner malware discovered during Trustwave . breach investigations, up to 2.7% of malware

2019 Trustwave Global Security Report€¦ · The size of the percentage increase in coin-miner malware discovered during Trustwave . breach investigations, up to 2.7% of malware

Documents
Identity ˜ eft Protectiononealind.com/wp-content/uploads/2016/11/IDWatchDog-Brochure.pdf · data breach victims Prominent Data Breaches Twitter 33 million ˜ e Home Depot 56 million

Identity ˜ eft Protectiononealind.com/wp-content/uploads/2016/11/IDWatchDog-Brochure.pdf · data breach victims Prominent Data Breaches Twitter 33 million ˜ e Home Depot 56 million

Documents
Introduction to Mobile Malware. Outline ➢ Introduction ➢ Types of Malware ➢ Malware examples ➢ How Malware Spreads ➢ Prevention ➢ AndroRAT Hands-on Lab

Introduction to Mobile Malware. Outline ➢ Introduction ➢ Types of Malware ➢ Malware examples ➢ How Malware Spreads ➢ Prevention ➢ AndroRAT Hands-on Lab

Documents
Malware Fails Best Bugs in Malware Felix Leder [Malware ... · 1 Malware Fails Best Bugs in Malware Felix Leder [Malware Detection Team] Felix.Leder@norman.com 5. desember 2011 malware

Malware Fails Best Bugs in Malware Felix Leder [Malware ... · 1 Malware Fails Best Bugs in Malware Felix Leder [Malware Detection Team] [email protected] 5. desember 2011 malware

Documents
HOW TO RE-EVALUATE YOUR BREACH PROTECTION · Attacker reaches its objective by one-time malware execution. Once objective is accomplished, the damage is done. Examples: ransomware,

HOW TO RE-EVALUATE YOUR BREACH PROTECTION · Attacker reaches its objective by one-time malware execution. Once objective is accomplished, the damage is done. Examples: ransomware,

Documents
Secure, Empower, Protect: Preventing attacks and breaches...Data Breach • Stolen credentials, Malware • Access online or on‐premise systems • Conduct additional attacks or

Secure, Empower, Protect: Preventing attacks and breaches...Data Breach • Stolen credentials, Malware • Access online or on‐premise systems • Conduct additional attacks or

Documents
CyRes - sis.pitt.edu€¦ · Recent cyberattacks, such as the Target breach, Sony hacking incident, BlackEnergy malware, Anthem cyber-attack, the Chinese hacking incidents, etc.,

CyRes - sis.pitt.edu€¦ · Recent cyberattacks, such as the Target breach, Sony hacking incident, BlackEnergy malware, Anthem cyber-attack, the Chinese hacking incidents, etc.,

Documents
Infographic - 15 Ways to Protect Your Business From a ... · cyber breach this year. Advanced Endpoint Detection & Response Protect your computers data from malware, viruses, and

Infographic - 15 Ways to Protect Your Business From a ... · cyber breach this year. Advanced Endpoint Detection & Response Protect your computers data from malware, viruses, and

Documents
Technology and Cyber Wrap up - cnahardy.co.uk/media/Files/C/CNA-Hardy/documents/cna-har… · Remediation Costs Post Breach Remediation Costs Senior Officer Personal Funds ... Malware

Technology and Cyber Wrap up - cnahardy.co.uk/media/Files/C/CNA-Hardy/documents/cna-har… · Remediation Costs Post Breach Remediation Costs Senior Officer Personal Funds ... Malware

Documents
LESSONS LEARNED Home Depot Security Breach Depot Lessons... · LESSONS LEARNED Home Depot Security Breach BSI Group America Inc. 12950 Worldgate Drive, Suite 800 Herndon, VA 20170

LESSONS LEARNED Home Depot Security Breach Depot Lessons... · LESSONS LEARNED Home Depot Security Breach BSI Group America Inc. 12950 Worldgate Drive, Suite 800 Herndon, VA 20170

Documents
Improving accuracy of malware detection by …...FFRI, Inc. Background – malware and its detection 4 Increasing malware Targeted Attack (Unknown malware) Malware generators Obfuscators

Improving accuracy of malware detection by …...FFRI, Inc. Background – malware and its detection 4 Increasing malware Targeted Attack (Unknown malware) Malware generators Obfuscators

Documents
Malware Analysis Analysis.pdf · Definisi Malware Analysis • What is a malware? • Malware (malicious software) ... Malware Sinkronisasi Token • Pelaku: Zeus Banking Trojan •

Malware Analysis Analysis.pdf · Definisi Malware Analysis • What is a malware? • Malware (malicious software) ... Malware Sinkronisasi Token • Pelaku: Zeus Banking Trojan •

Documents
Microsoftdownload.microsoft.com/download/F/7/E/F7E9A431-DD1D-4082... · 2018-10-17 · Home Depot Confirms Data Breach Shelly Banjo and Danny Yadron The Wall Street Journal September

Microsoftdownload.microsoft.com/download/F/7/E/F7E9A431-DD1D-4082... · 2018-10-17 · Home Depot Confirms Data Breach Shelly Banjo and Danny Yadron The Wall Street Journal September

Documents
IN THE UNITED STATES DISTRICT COURT FOR THE ……Home Depot breach. Mr. Brantley shopped at a Home Depot retail store in Georgia between April 1 and September 18, 2014 by swiping

IN THE UNITED STATES DISTRICT COURT FOR THE ……Home Depot breach. Mr. Brantley shopped at a Home Depot retail store in Georgia between April 1 and September 18, 2014 by swiping

Documents
Advanced WAF para amenazas avanzadas · F5 Advanced WAF Solution. Password-Stealing Malware is a Key Tool for Cybercriminals Figure Credit: Verizon 2017 Data Breach Investigations

Advanced WAF para amenazas avanzadas · F5 Advanced WAF Solution. Password-Stealing Malware is a Key Tool for Cybercriminals Figure Credit: Verizon 2017 Data Breach Investigations

Documents
CYBER WEAPONS TRAINING - Data Connectors · Cyber Weapons Training Agenda Today’s Breach Detection Gap Threats: Malware, Risky Behavior, Insiders & Advanced Attacks ... Source:

CYBER WEAPONS TRAINING - Data Connectors · Cyber Weapons Training Agenda Today’s Breach Detection Gap Threats: Malware, Risky Behavior, Insiders & Advanced Attacks ... Source:

Documents
Lastline Breach Detection Platform - Abbakan€¦ · malware behavior and is also the hardest for evasive malware to circumvent. The result is the successful detection of malicious

Lastline Breach Detection Platform - Abbakan€¦ · malware behavior and is also the hardest for evasive malware to circumvent. The result is the successful detection of malicious

Documents
Analysis of the 2013 Target Data Breach - covert.io Kill Chain... · A Dell SecureWorks report shows that the attackers also installed malware, designed to movestolendatathroughTarget’snetworkandthecompany’sfir

Analysis of the 2013 Target Data Breach - covert.io Kill Chain... · A Dell SecureWorks report shows that the attackers also installed malware, designed to movestolendatathroughTarget’snetworkandthecompany’sfir

Documents
SECURITY SERVICES - oni · threat intelligence, advanced sandboxing and real-time malware blocking is designed to prevent breaches. Should a breach occur, AV detection engines, machine

SECURITY SERVICES - oni · threat intelligence, advanced sandboxing and real-time malware blocking is designed to prevent breaches. Should a breach occur, AV detection engines, machine

Documents
Connect security to DISTRIBUTION FOR APPROVED · New malware variants created every day. 80,000+ Data breach cases that involved malicious attacks. 37% Average cost per compromised

Connect security to DISTRIBUTION FOR APPROVED · New malware variants created every day. 80,000+ Data breach cases that involved malicious attacks. 37% Average cost per compromised

Documents
Privacy Breach vs. Security Breach

Privacy Breach vs. Security Breach

Documents
Dealing with Data Breaches - Perkins Coie...Jun 09, 2016  · • Home Depot (2015) Claims • Breach of fiduciary duty • Failure of responsible oversight • Failure adequately

Dealing with Data Breaches - Perkins Coie...Jun 09, 2016  · • Home Depot (2015) Claims • Breach of fiduciary duty • Failure of responsible oversight • Failure adequately

Documents
Malware and anti-malware (fun with Trojans) - Z. …z.cliffe.schreuders.org/edu/FS/Malware and anti-malware... · 2014-04-02 · Malware and anti-malware (fun with Trojans) ... with

Malware and anti-malware (fun with Trojans) - Z. …z.cliffe.schreuders.org/edu/FS/Malware and anti-malware... · 2014-04-02 · Malware and anti-malware (fun with Trojans) ... with

Documents
Essence of Advanced Persistent Threats in 15 Minutes...MySQL.com Spreading Fake Antivirus The Register: MySQL.com breach leaves visitors exposed to malware, September 26, 2011

Essence of Advanced Persistent Threats in 15 Minutes...MySQL.com Spreading Fake Antivirus The Register: MySQL.com breach leaves visitors exposed to malware, September 26, 2011

Documents
IT & DATA SECURITY BREACH PREVENTIONgo.kaspersky.com/rs/kaspersky1/images/ITDATA... · DEVICES: Close the door to malware WEB AND SOCIAL: Balancing freedom and control This guide

IT & DATA SECURITY BREACH PREVENTIONgo.kaspersky.com/rs/kaspersky1/images/ITDATA... · DEVICES: Close the door to malware WEB AND SOCIAL: Balancing freedom and control This guide

Documents
Modern attacks and malware · Cisco Advanced Malware Protection (AMP) Cisco Web Security Combats Evolving Threats Identify a breach faster by tracking a file’s disposition over

Modern attacks and malware · Cisco Advanced Malware Protection (AMP) Cisco Web Security Combats Evolving Threats Identify a breach faster by tracking a file’s disposition over

Documents