November 13th 2014
What's the issue?
In addition to the breach of an estimated 56 million debit and credit cards, Home Depot has announced that hackers also stole 53 million customer email addresses when the retailer was breached in April 2014.
What's the risk?
Expect to see increased phishing and spear-phishing activity directed at Home Depot customers.
Phishing is the activity of defrauding an online account holder of financial information by posing as a legitimate company, typically via email.
Phishing is one of the most powerful weapons in a cybercriminal's toolkit. In fact, the Home Depot breach itself started when hackers gained access through the company's network using credentials stolen from one of Home Depot's own vendors in a spear-phishing attack.
What should I do?
As always, be wary of phishing emails. Keep an eye out for email messages claiming to be from companies you do business with and retailers you shop at, especially messages that request that you take action of some kind by clicking a link or logging into an account. Be particularly careful with emails purporting to be from Home Depot or other large brands.
When in doubt, delete email messages that you don't trust, and pick up the phone to verify the contents with the sender. Be sure to use the phone number listed on the company's website, rather than on the email in questions.
Note to NPC clients:
There have been no successful attacks on NPC users. Your fully patched and secured NPC system, and your offline backup, will continue to protect you. If you have any questions or concerns about your system, do not hesitate to call the support centre at 1-855-667-2642 or email firstname.lastname@example.org.
For more information