Home Depot shoppers may be the latest victims of a data breach that could extend back to April or May of this year, potentially making it massively larger than the Target breach, according to bank officials interviewed by security journalist Brian Krebs.
During a three-week period over the 2013 holiday season, Target had 40 million credit and debit cards stolen.
The evidence linked to the possible breach at Home Depot stores is a massive new batch of stolen credit and debit cards that went on sale this morning in the cybercrime underground, Krebs said. Home Depot says that it is working with banks and law enforcement agencies to investigate reports of suspicious activity.
Home Depot spokesperson Paula Drake confirmed to Brian Krebs that the company is investigating.
“Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers," Drake said, reading from a prepared statement. "If we confirm that a breach has a occurred, we will make sure customers are notified immediately."
Krebs also reported there are signs that the perpetrators of this apparent breach may be the same group of Russian and Ukrainian hackers responsible for the data breaches at Target, Sally Beauty and P.F. Chang’s, among others.