Dive Brief:
-
The Home Depot on Monday confirmed that the credit card numbers of customers who have shopped in its stores have been stolen.
-
The big-box home-improvement retailer says malicious software—or malware—infected its computer network, allowing the attackers to collect data from credit cards when they were swiped at cash registers in the chain’s U.S. and Canadian stores. Credit card purchases made on the store’s website apparently were not involved.
-
Contractors and homeowners who shopped at the store between April and September may request free identity protection services, including credit monitoring.
Dive Insight:
The Fair Credit Billing Act says victims of a credit breach involving malware are not responsible for unauthorized charges on their credit cards. In a press release Tuesday, Home Depot Chairman and CEO Frank Blake said no customers will have to pay for fraudulent charges.