We are getting reports that a specific Home Depot location in Wisconsin has shown up on a website for sale.
News Story:
More than 282,000 credit and debit card numbers stolen from Wisconsin
stores during the recent Home Depot data breach have been offered for
sale on the black market, a Milwaukee Journal Sentinel investigation has
found.
The company said Thursday that the data breach had exposed an estimated 56 million payment cards, eclipsing the Target data breach,
which involved 40 million cards. The malware that caused the breach has
now been eliminated, the company said in a news release.
Home Depot
has not disclosed which locations were affected, but the Journal
Sentinel examination found credit card numbers were breached at all of
the company's 26 Wisconsin locations.
In less than a
minute, the Journal Sentinel — legally and without payment — gained
access to the underground website on which the card numbers are for
sale. It's the same group that sold millions of card numbers stolen in
the Target breach last year.
The site
caters to criminals looking to buy card numbers they can use to withdraw
cash or buy electronics and gift cards. It lets potential buyers browse
credit and debit cards by type, expiration date, name of the financial
institution that issued the card and location of the Home Depot store
where the card was compromised.
Hackers
provide the full card number and name of the cardholder when purchased.
The Journal Sentinel did not seek or gather that information.
As of
Thursday, the seller of the stolen card numbers still guaranteed a valid
rate of 100%, something hackers promise only when they're confident the
cards have not yet been canceled. The validity rate falls over time.
"When they're
100% valid, that's an indicator that the merchant hasn't fixed the
problem yet," said Brian Krebs, the cybersecurity reporter who broke the
stories on the breaches at Target and Home Depot. "It's a live breach."
--Nothing Follows--
We will provide additional information as it becomes available.
No comments:
Post a Comment