Home Depot Facing at Least 44 Civil Suits in Data Breach
Wall Street Journal (11/25/14) Calia, Michael
Home Depot reports that it faces at least 44 civil lawsuits in the U.S. and Canada related to a widespread data breach at the home-improvement retailer earlier this year. The company — which is also under investigation by several state and federal agencies — says its investigation of the breach continues, and it is still assessing its financial and other impacts. In a bid to prevent future attacks, Home Depot has completed a project that encrypts customer credit-card data at the point of sale in all of its U.S. stores. It also expects to roll out the encryption system to its Canadian stores by early next year. Additionally, Home Depot says its U.S. stores will soon have EMV chip-and-PIN technology, which helps authenticate transactions with debit and credit cards. The company revealed earlier this month that 53 million customer emails were stolen in a cyberattack that had also compromised an additional 56 million customer credit-card accounts, an intrusion the retailer had previously disclosed in September. The breach resulted in $28 million of pretax expenses in the most recent earnings period.
Web Link |
Retailers Beefing Up Security Against Data Breaches
Detroit News (11/24/14) Abdel-Razzaq, Lauren
There have been just under 700 major data breaches reported this year, up 25 percent from last year, according to new data from the Identity Theft Resource Center, and there are signs that retailers are waking up to the threat. According to eBay’s Enterprise 2014 Holiday Retail Audit, 65 percent of large retailers say they have heightened concerns about data security, even though 77 percent say they have not experienced a data breach. A PricewaterhouseCoopers survey of 758 American companies finds that $4.1 billion has been spent to protect respondents from cyber threats this year, a number that PWC expects to grow by $2 billion in 2017. Still, there is more that companies could be doing. Karl Volkman, chief technology officer at SRV Network Inc., says companies will need to bring on security consultants, increase the size of their IT security staffs, and keep themselves up-to-date on the latest threats.