(Bloomberg) — Home Depot Inc.'s data breach, which putabout 56 million payment cards at risk, has fed fraudulenttransactions that in some cases have drained money from customerbank accounts, the Wall Street Journal reported.
|Stolen information on credit and debit cards has been used tobuy prepaid cards, electronics and groceries, the newspaperreported yesterday, citing unidentified people familiar with theattack's fallout. The amount and types of fraud are about the sameas in other big breaches, the publication cited the people assaying.
|Home Depot, the world's largest home-improvement chain,announced it was looking into "suspicious activity" Sept. 2, theday it learned from banks and law enforcement that criminals mayhave obtained data. The retailer released an estimate for affectedcards last week, saying hackers' software may have infected itssystems from April to this month and that it expects to pay about$62 million this year to deal with the incursion, with some coveredby insurance.
|"There is no evidence that debit PIN numbers were compromised,"the Atlanta-based company said Sept. 18.
|Spokesmen for the retailer and the largest U.S. card- issuingbanks — JPMorgan Chase & Co., Bank of America Corp. andCitigroup Inc. — declined to comment yesterday on what types ofsuspected fraud, if any, have been seen. The firms have saidthey're taking steps to protect customers. Financial institutionsoften are first to detect hacks at retailers by tracing increasedfraud tied to cards used at a common source.
|Bank investigators have spotted card information being fenced onblack market websites, according to the security blogger BrianKrebs, who first reported the breach. Criminals sometimesbuy numbers, then manufacture fake cards they use to purchase giftcards and goods that can be resold.
|Breaches can be especially burdensome for small banks as theycover fraud costs and reissue cards, said Viveca Ware, who handlesregulatory policy at the Independent Community Bankers of Americatrade group in Washington.
|"We're not happy that our institutions continue to incur costsrelated to breaches that they're not responsible for," she said."We'd like to see a more efficient and timely restitutionprocess."
|--With assistance from Elizabeth Dexheimer and Matt Townsendin New York.
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- All PropertyCasualty360.com news coverage, best practices, and in-depth analysis.
- Educational webcasts, resources from industry leaders, and informative newsletters.
- Other award-winning websites including BenefitsPRO.com and ThinkAdvisor.com.
Already have an account? Sign In
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
