Skip to main content
//empty //empty

A potted plant is seen posed in front of a sign at a Home Depot in Toronto, Wednesday July 2, 2014.

mark blinch The Globe and Mail

Multinational home-improvement retailer Home Depot Inc. will not say if any Canadians may have been the target of a possible security breach that could compromise customers' debit and credit card data.

The company, based in Atlanta, said Wednesday in a note to customers on its website that it is looking into "some unusual activity that might indicate a possible data breach," and that it is working with its banking partners and police to investigate.

It said that if it confirms there has been a breach, it will notify customers immediately.

Story continues below advertisement

Home Depot has 2,263 stores, and 180 of those are in Canada. Spokeswoman Paula Drake would not reveal if the investigation includes the firm's Canadian operations, although she did say that the website message was meant for "every Home Depot customer there is out there."

The issue was first reported Tuesday by the security news website Krebs on Security, run by computer security expert Brian Krebs. He said several banks had reported seeing evidence that Home Depot outlets "may be the source of a massive new batch of stolen credit and debit cards."

In a posting Wednesday, Mr. Krebs said analysis of card data posted on a "cybercrime store" website strongly suggests that a spate of stolen credit card information recently put up for sale came from Home Depot.

Mr. Krebs said banks believe the breach may have begun in April or May. If that is the case "this breach could be many times larger than Target, which had 40 million credit and debit cards stolen over a three-week period."

Just before Christmas last year, Target said that credit and debit card information on millions of customers had been stolen. The breach, and the work to rectify it, cut into the company's fourth-quarter profit. Some of Target's Canadian customers were affected by that breach.

In its note to customers, Home Depot said that if it finds there was a security breach, clients will not be responsible for any fraudulent charges. It also said that it will offer free identity protection services to anyone whose account has been compromised.

Follow related topics

Report an error Editorial code of conduct
Tickers mentioned in this story
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies