More bad news for Home Depot shoppers. The world’s largest home improvement retailer announced last summer its payment data systems in the U.S. and Canada were hacked between April and September of 2014. In that cyber attack, thieves reportedly got away with the payment information for around “56 million credit cards.” Last, Thursday in an update on its investigation, the company disclosed the hackers stole “approximately 53 million” email addresses in the security breach, according to a news release.
Home Depot claims the hackers got only a limited amount of information: “The files containing the stolen email addresses did not contain passwords, payment card information or other sensitive personal information. As we reported on Sept. 18, the method of entry used by the hackers has been closed and the malware eliminated from our systems.”
However, the company issued this warning on its website: “… it’s important to be on guard against phishing scams that are designed to trick you to provide personal information in response to phony emails. It is important not to give out personal information on the phone, through the mail or on the Internet, unless you have initiated the contact and are sure of who you’re dealing with. Similarly, you should not click directly on any email links if you have any doubts about whether the email comes from a legitimate source. ”
Home Depot says its customers will not be liable for any fraudulent charges to their accounts. Also, the company is offering free identity protection services, including credit monitoring, to any customer who used a payment card at a Home Depot store in or after April 2014.