In one of the most significant cybersecurity breaches impacting the retail sector, Home Depot faced a formidable cyber attack between April and September 2014. Using a third-party vendor's login credentials, attackers infiltrated Home Depot’s network, then deployed sophisticated malware designed to infect the retailer’s POS system, aiming to harvest customer payment information. This breach had a massive scope, affecting 52 million customers. It caused considerable financial and reputational damage to the company. Home Depot subsequently agreed to pay $17.5 million to settle claims across the country, linked to this incident. However, this sum was only a part of the overall financial impact on Home Depot, which incurred pretax expenses of $198 million related to the breach, its aftermath, and subsequent litigation by customers, payment card issuers, and financial institutions before reaching the settlement. This event underscores the critical importance of stringent cybersecurity measures and the potential consequences of vulnerabilities within third-party vendor systems.
Source: https://arcticwolf.com/resources/blog/10-major-retail-industry-cyber-attacks/
"id": "the500050824",
"linkid": "the-home-depot",
"type": "Breach",
"date": "09/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"