Home Depot blames third party for data breach
Posted by: Timothy Weaver on 11/07/2014 10:45 AM
[
Comments
]
According to preliminary results of an investigation into the September mega-breach of Home Depot, the company says that hackers gained access to Home Depot's network via a third-party vendor system.
Home Depot release this statement:
Criminals used a third-party vendor's user name and password to enter the perimeter of Home Depot's network. These stolen credentials alone did not provide direct access to the company's point-of-sale devices. The hackers then acquired elevated rights that allowed them to navigate portions of Home Depot's network and to deploy unique, custom-built malware on its self-checkout systems in the US and Canada.
Third parties were also blamed for the breaches at Target and JPMorgan. Target was broken into through the HVAC vendor. JPMorgan was accessed via a third party website.
During the September mega-breach, Home Depot admitted that hackers gained access to 53 million email addresses which also led to the theft of data from 56 million credit/debit cards.
Home Depot release this statement:
Criminals used a third-party vendor's user name and password to enter the perimeter of Home Depot's network. These stolen credentials alone did not provide direct access to the company's point-of-sale devices. The hackers then acquired elevated rights that allowed them to navigate portions of Home Depot's network and to deploy unique, custom-built malware on its self-checkout systems in the US and Canada.
Third parties were also blamed for the breaches at Target and JPMorgan. Target was broken into through the HVAC vendor. JPMorgan was accessed via a third party website.
During the September mega-breach, Home Depot admitted that hackers gained access to 53 million email addresses which also led to the theft of data from 56 million credit/debit cards.
Comments
