Skip to main content
The Globe and Mail
Support Quality Journalism
The Globe and Mail
First Access to Latest
Investment News
Collection of curated
e-books and guides
Inform your decisions via
Globe Investor Tools
Just$1.99
per week
for first 24 weeks

Enjoy unlimited digital access
Enjoy Unlimited Digital Access
Get full access to globeandmail.com
Just $1.99 per week for the first 24 weeks
Just $1.99 per week for the first 24 weeks
var select={root:".js-sub-pencil",control:".js-sub-pencil-control",open:"o-sub-pencil--open",closed:"o-sub-pencil--closed"},dom={},allowExpand=!0;function pencilInit(o){var e=arguments.length>1&&void 0!==arguments[1]&&arguments[1];select.root=o,dom.root=document.querySelector(select.root),dom.root&&(dom.control=document.querySelector(select.control),dom.control.addEventListener("click",onToggleClicked),setPanelState(e),window.addEventListener("scroll",onWindowScroll),dom.root.removeAttribute("hidden"))}function isPanelOpen(){return dom.root.classList.contains(select.open)}function setPanelState(o){dom.root.classList[o?"add":"remove"](select.open),dom.root.classList[o?"remove":"add"](select.closed),dom.control.setAttribute("aria-expanded",o)}function onToggleClicked(){var l=!isPanelOpen();setPanelState(l)}function onWindowScroll(){window.requestAnimationFrame(function() {var l=isPanelOpen(),n=0===(document.body.scrollTop||document.documentElement.scrollTop);n||l||!allowExpand?n&&l&&(allowExpand=!0,setPanelState(!1)):(allowExpand=!1,setPanelState(!0))});}pencilInit(".js-sub-pencil",!1); // via darwin-bg var slideIndex = 0; carousel(); function carousel() { var i; var x = document.getElementsByClassName("subs_valueprop"); for (i = 0; i < x.length; i++) { x[i].style.display = "none"; } slideIndex++; if (slideIndex> x.length) { slideIndex = 1; } x[slideIndex - 1].style.display = "block"; setTimeout(carousel, 2500); }

Home Depot has 2,263 stores, and 180 of those are in Canada. A Home Depot spokeswoman said the company cannot say how many Canadian customers may have been affected.

Daniel Acker/Bloomberg

Home improvement retailer Home Depot Inc. confirmed Monday that its payment systems have suffered a security breach, and Canadian clients are among those affected.

The chain said the breach "could potentially impact customers using payment cards" in U.S. and Canadian stores, but there is no evidence the breach hit online customers or stores in Mexico.

Home Depot, which has been tight-lipped since it revealed last week it was investigating unusual activity that suggested a potential breach, said Monday that it still doesn't know the "full scope, scale and impact of the breach." It said there is no evidence that PIN numbers associated with the debit cards have been compromised. Its investigation is focusing on transactions from April onward.

Story continues below advertisement

Home Depot has 2,266 stores, and 180 of those are in Canada. A Home Depot spokeswoman said the company cannot say how many Canadian customers may have been affected because it does not yet know "many details or the scale of the incident."

But the company said it has taken "aggressive" steps to address the "malware" and protect its customers' data. It is also offering free identity protection, and credit monitoring to any customer who has used a payment card at a Home Depot store since April of this year.

Home Depot chief executive officer Frank Blake said in a statement that "we owe it to our customers to alert them that we now have enough evidence to confirm that a breach has indeed occurred. It is important to emphasize that no customer will be responsible for fraudulent charges to their accounts."

The company said its internal technology security team has been working around the clock with outside security organizations, its banking partners, and the United States Secret Service to "gather facts and provide information to customers."

The possible breach was first reported last Tuesday by the security news website Krebs on Security, run by computer security expert Brian Krebs. He said several banks had reported seeing evidence that Home Depot outlets "may be the source of a massive new batch of stolen credit and debit cards."

In a posting, Mr. Krebs said analysis of card data posted on a "cybercrime store" website suggests that a spate of stolen credit card information recently put up for sale came from Home Depot.

Mr. Krebs said banks believe the breach may have begun in April or May. If that is the case "this breach could be many times larger than Target, which had 40 million credit and debit cards stolen over a three-week period."

Story continues below advertisement

Just before Christmas last year, Target said that credit and debit card information on millions of customers had been stolen. The breach, and the work to rectify it, cut into the company's fourth-quarter profit. Some of Target's Canadian customers were affected by that breach.

Mr. Krebs said in a posting on Monday that sources had told him the Home Depot breach was helped by a new variant of the "BlackPOS" malware that stole account data from Target.

Follow related topics

Report an error Editorial code of conduct
Tickers mentioned in this story
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies