Malware
Home Depot Confirms Massive Third-Party Data Breach Exposing Employee Information
Home Depot has confirmed a third-party data breach that exposed personal information of current and former employees. The cyber attack targeted the company’s external service provider, potentially compromising names, birth dates, social security numbers, and other sensitive data. Home Depot is offering free identity protection services to affected individuals.
It’s official: Home Depot has acknowledged experiencing a data breach after one of its SaaS vendors accidentally exposed limited employee data. While not extensive, this information could potentially be used in targeted phishing attacks.
As the largest home improvement retailer, Home Depot has a massive presence, with over 2,300 stores in North America and a whopping 475,000 employees.
Last Thursday, a threat actor going by the name IntelBroker leaked data for around 10,000 Home Depot employees on a hacking forum.
“In April 2024, Home Depot suffered a data breach that exposed the corporate information belonging to 10K employees of the company,” according to the forum post.
When we reached out to Home Depot, the company confirmed that one of its third-party SaaS vendors unintentionally exposed sample employee data.
“A third-party Software-as-a-Service (SaaS) vendor inadvertently made public a small sample of Home Depot associates’ names, work email addresses, and User IDs during testing of their systems,” Home Depot shared with us.
Although the exposed data isn’t highly sensitive, it does contain corporate IDs, names, and email addresses. This information could be used by threat actors to launch targeted phishing attacks against Home Depot employees, putting them at risk.
These phishing attacks can be crafted to extract more sensitive information, such as Home Depot credentials. The attackers can then sell this information to other threat actors or use it to breach the company’s network, resulting in stolen corporate data or ransomware deployment.
Remember, all Home Depot employees should remain vigilant regarding emails containing links to pages requesting corporate credentials or other information. If you receive such an email, report it to your IT staff, who can verify its legitimacy.
It’s worth noting that IntelBroker is a notorious threat actor, first making headlines by breaching DC Health Link, an organization responsible for administering healthcare plans for U.S. House members, their staff, and families. This incident led to a congressional hearing after data for 170,000 affected individuals, including members and staff of the U.S. House of Representatives, was leaked.
IntelBroker has also been linked to cybersecurity incidents involving PandaBuy, Acuity, Hewlett Packard Enterprise (HPE), the Weee! grocery service, and an alleged breach of General Electric Aviation.
Stay informed and protect yourself from cybersecurity threats by keeping up with our latest insights and advice. We’re here to help you navigate the ever-changing digital landscape.