Skip to main content
The Globe and Mail
Support Quality Journalism
The Globe and Mail
First Access to Latest
Investment News
Collection of curated
e-books and guides
Inform your decisions via
Globe Investor Tools
Just$1.99
per week
for first 24 weeks

Enjoy unlimited digital access
Enjoy Unlimited Digital Access
Get full access to globeandmail.com
Just $1.99 per week for the first 24 weeks
Just $1.99 per week for the first 24 weeks
var select={root:".js-sub-pencil",control:".js-sub-pencil-control",open:"o-sub-pencil--open",closed:"o-sub-pencil--closed"},dom={},allowExpand=!0;function pencilInit(o){var e=arguments.length>1&&void 0!==arguments[1]&&arguments[1];select.root=o,dom.root=document.querySelector(select.root),dom.root&&(dom.control=document.querySelector(select.control),dom.control.addEventListener("click",onToggleClicked),setPanelState(e),window.addEventListener("scroll",onWindowScroll),dom.root.removeAttribute("hidden"))}function isPanelOpen(){return dom.root.classList.contains(select.open)}function setPanelState(o){dom.root.classList[o?"add":"remove"](select.open),dom.root.classList[o?"remove":"add"](select.closed),dom.control.setAttribute("aria-expanded",o)}function onToggleClicked(){var l=!isPanelOpen();setPanelState(l)}function onWindowScroll(){window.requestAnimationFrame(function() {var l=isPanelOpen(),n=0===(document.body.scrollTop||document.documentElement.scrollTop);n||l||!allowExpand?n&&l&&(allowExpand=!0,setPanelState(!1)):(allowExpand=!1,setPanelState(!0))});}pencilInit(".js-sub-pencil",!1); // via darwin-bg var slideIndex = 0; carousel(); function carousel() { var i; var x = document.getElementsByClassName("subs_valueprop"); for (i = 0; i < x.length; i++) { x[i].style.display = "none"; } slideIndex++; if (slideIndex> x.length) { slideIndex = 1; } x[slideIndex - 1].style.display = "block"; setTimeout(carousel, 2500); }

Home Depot has 180 stores in Canada, and a spokeswoman said that all Home Depot customers were affected by the breach.

Gene J. Puskar/AP

Home Depot Inc.'s investigation of a suspected hacker attack is renewing pressure on retailers and credit-card providers to strengthen payment-system security.

The largest home-improvement chain said yesterday that it was working with banks and law enforcement on the possible incursion, following a report by KrebsOnSecurity that a "massive" batch of stolen credit- and debit-card information was posted for sale online.

The probe comes a week after Bloomberg News reported that JPMorgan Chase & Co. and at least four other banks were targeted by hackers in a coordinated attack. Celebrities relying on Apple Inc.'s iCloud service to store photos also had nude pictures stolen and posted online in recent days, showing that both corporations and individuals need to tighten up security practices. Target Corp., Supervalu Inc. and Neiman Marcus Group Ltd. are among retail chains that have recently endured attacks.

Story continues below advertisement

"The criminals are getting smarter faster than the companies," said Jaime Katz, an analyst at Morningstar Inc. in Chicago. If the Home Depot breach is on the same scale as Target's incident last year, "there is obviously significant concern," she said.

Home Depot has 2,263 stores, and 180 of those are in Canada. Spokeswoman Paula Drake would not reveal if the investigation includes the firm's Canadian operations, although she did say that the website message was meant for "every Home Depot customer there is out there."

The incident raises fresh questions about retailers' slow adoption of "chip and PIN" technology, which makes cards more secure, said Michael Sutton, vice president of security research for San Jose, California-based cloud-computing company Zscaler Inc.

"Retailers are now seeing first-hand why the technology is necessary and how technology costs pale in comparison to the direct and indirect costs associated with a major data breach," Sutton said.

Some U.S. companies have fallen behind schedule in updating their systems with the technology, also known as EMV – short for Europay-MasterCard-Visa, the companies that first backed the approach. Credit-card networks have set an October, 2015, deadline for most U.S. merchants to upgrade their payment systems.

EMV is considered more secure because it's harder to copy account numbers and security codes from chips than from the magnetic strips on most cards used in the U.S. EMV cards create a unique code for each transaction, making them more difficult to hack or counterfeit than striped cards.

"The technology has not been widely adopted in the U.S., primarily due to lobbying by retailers who were concerned about the cost of implementing the technology," Sutton said.

Story continues below advertisement

Brian Krebs, the independent journalist who uncovered the hacker attack at Target last year, said Tuesday that there's evidence that the latest stolen credit-card data is linked to Home Depot stores.

In Home Depot's case, the suspected breach may have occurred in late April or early May and could encompass all 2,200 of the company's stores in the U.S., Mr. Krebs said. That means it could be larger than the Target incident, he said.

Bloomberg News with a file from reporter Richard Blackwell

Report an error
Tickers mentioned in this story
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies