The US largest home improvement retailer giant Home Depot agrees to $17.5 million settlement over the 2014 data breach.
In 2014, Home Depot revealed that the data breach impacted 56 million customers across the US and Canada. According to the US retailer the payment card information of approximately 40 million Home Depot consumers nationwide. Online customers were not impacted by the security breach.
The settlement was announced by Delaware Attorney-General Kathy Jennings this week, it confirmed that 46 states have reached an agreement with the US company.
Hackers compromised the company point-of-sale (PoS) systems with malware that was designed to steal payment card data.
Home Depot also agreed to implement and maintain additional security practices in the future to prevent similar attacks.
Below security provisions agreed to in the settlement:
“Retailers must take meaningful steps to protect consumers’ credit and debit card information from theft when they shop,” said Massachusetts AG Maura Healey. “This settlement ensures Home Depot complies with our state’s strong data security law and requires the company to take steps to protect consumer information from illegal use or disclosure.”
(SecurityAffairs – hacking, Data breach)