NEW YORK — Home Depot confirmed Monday that its payment systems have been breached and says the hack could affect customers who used credit and debit cards at U.S. and Canadian stores.
The largest U.S. home improvement chain says it has not found evidence that debit card PINs were compromised, nor that online customers or shoppers at stores in Mexico are affected.
The company did not say how many cards might be affected, but did say that customers will not be held responsible for fraudulent charges to their accounts.
Home Depot said it is looking into the breach and is working with outside firms, its banking partners, and the U.S. Secret Service. The Atlanta company says the investigation is focused on the months since April.
Home Depot Inc. said last week that it was working with banks and law enforcement to investigate a potential hack but had not confirmed a breach of its data.
The home improvement chain is the latest retailer to experience a data breach. Others include Target, grocer Supervalu, restaurant chain P.F. Chang’s and the thrift store operations of Goodwill. The breaches have rattled shoppers’ confidence in the security of their personal data and pushed retailers, banks and card companies to increase security by speeding the adoption of microchips in U.S. credit and debit cards.
Home Depot plans to have chip-enabled checkout terminals at all of its U.S. stores by the end of this year.
The company’s shares fell 62 cents to $90.20 in aftermarket trading.
Protect yourself
It’s an almost-weekly occurrence: Last week, Goodwill said its computer systems may have been hacked, including stores in Colorado, leading to the possible theft of customers’ credit and debit card information. The nonprofit agency, which operates 2,900 stores in the U.S., said it is working with federal investigators to look into a possible breach.
The organization said six of the stores were in Colorado Springs, and the others were in Canon City, Fountain, Grand Junction, Pueblo and Woodland Park.
Here are ways you can avoid becoming a victim of identity theft — even if your data has been compromised:
• Monitor your bank statements. The easiest and most effective way to make sure someone hasn’t made fraudulent charges to your account is to keep a close tab on your bank statements. Check at least once a month for suspicious activity. If you find something, call your bank.
• Use a credit card, not a debit card. Government regulations protect you from liability for fraudulent charges over $50 when you use a credit card or a debit card with a signature, not a pin number. But if you use a debit card with a pin, the regulations are murkier, and you may end up being liable for some charges.
• Get free credit monitoring. Consumers can pay a for credit monitoring, but the government offers three free credit checks a year:
• Bank smarter. Many banks offer a service that sends an email alert when any major changes — or charges — are made to a customer’s account. Don’t make money transfers online or pay bills electronically —use a check. Never use the same password for banking that you use for lower-security websites.
The Associated Press
