Wait a second!
More handpicked essays just for you.
More handpicked essays just for you.
Home depot security breach case study
Home depot data breach 2014 case study
Don’t take our word for it - see why 10 million students trust us with their essay needs.
Recommended: Home depot security breach case study
Introduction – Overview of The Home Depot Case Study
This analysis will explore The Home Depot data breach which occurred on Sept 8th, 2014, one of the nation’s largest security retail compromises of that time. The Home Depot, with over 2,200+ stores in the United States, Canada and Mexico, suffered a historic cyber-attack of significant proportions. The breach was devised by skilled hackers who developed an unknown custom malware that penetrated their payment systems and stole over 56 million credit cards and email addresses from millions of customers. In my research of this case, it was difficult for me to comprehend that the world’s leading home improvement retailer could be so careless given this breach occurred less than a year after the Target data breach in December 2013. This evaluation of The Home Depot will examine the company’s discovery of the breach, their response to customers, improved data security measures, and finally the outcome including present day findings
…show more content…
on where they are today. I was very interested in researching this topic, especially since I was a customer of Home Depot at the time of the breach and felt it really impacted me on a personal level. I hope you enjoy my analysis. Case Study Questions - Breach Discovery & Home Depot’s Response When the data breach was discovered by the Secret Service and Homeland Security on Sept 8th, 2014, The Home Depot found out it had been happening under their noses for over 5 months starting back in April of 2014. Other companies such as Target and Neiman Marcus had also recently experienced data breaches around the same time. Hackers, likely of the “Black Hat” variety (specialize in hacking IS systems), installed Malware (short for Malicious Software) on Home Depot’s payment system (POS system) which went undetected due to it being the first of its kind. The malware virus crept into their payment system stealing data from millions of customers while sending it to their remote server. The breach occurred when hackers somehow acquired login credentials from a Home Depot vendor and gained access to their payment system. It’s even been speculated that these may have been the same cyber criminals who hacked into Target’s system months prior. (J.C. Perlroth, 2014) from the New York Times indicated employees stated a concern with Home Depot’s payment systems in that they were trying to save money by using old outdated antivirus software and they did not conduct regular security audits of their systems which left them more exposed to the attack. Although Home Depot was initially careless in protecting data security, they seemingly took quick action and steps in correcting the security problems after the fact. For example, they reached out to customers who were impacted by letting them know the situation had been contained. They also contacted the banks to have them reissue all the compromised credit cards and they even offered free identity theft and credit monitoring services to these victim’s. Home Depot also took measures to upgrade their payment systems to include installing data encryption - which essentially mixes up the credit data into an unreadable format that hackers cannot access. (Home Depot, 2014) stated in a press release that they were also going to be launching “EMV Chip-and-Pin” technology as a further layer of protection in securing customer’s data and they would make sure to get this new technology in place before the industry deadline. EMV means Europay, MasterCard, Visa - who were the first merchants to develop this type of technology. Chip-and-PIN is essentially the method by which the merchant processes the payment. All credit cards in the United States should have chip and signature technology but I’ve noticed some smaller merchants have been slow to implement chip technology readers in stores, likely due to cost. Some smaller local businesses are still having customers swipe their cards, even if they appear to have chip reader’s installed. Why? My views on chip readers are that they seem a little clunky, slow to process and I often find myself having to resubmit my card into the chip reader again because something went wrong in the transaction. Perhaps its user error. Conclusion – Home Depot Strengths in the Aftermath Presently, The Home Depot still maintains its strength of being the largest home improvement retailer and the breach of 2014 appears to not have hindered their success.
Their stock prices have continued to rise even during recessions and the data breach. The Home Depot continues to surpass its competitors such as Lowes, and is widely known for their diversification in the industry. I shop at Home Depot for this reason - buy anything online & pick it up in stores.
(Tara T. Seals, 2017) As of March 2017, Info Security Magazine stated that The Home Depot settlements of the data breach are up $179 million and counting but portions are being paid by their insurance company. They went on to report that: “Home Depot agreed to track and manage its data security risk assessments using a risk-exception process, conduct annual reviews of service providers and vendors that have access to payment card information, and create a security-control framework. The retailer also implemented enhanced
encryption” In closing, The Home Depot appears to have learned from their mistakes and has ultimately taken steps to implement a more comprehensive security plan as stated above. I only wish that other companies such as Equifax would have learned something from this tragedy. To date, Equifax’s recent breach (Sept 2017) now outshines The Home Depot as being the most significant breach in history, impacting more than 143 million people’s social security numbers and personal data, myself included. I’m certain that The Home Depot is thankful to be back on track and that the negative data breach attention is on someone else, at least for the time being.
Home Depot is the brainchild of Bernard Marcus and Arthur Blank and came about after both men lost their job in the home improvement industry in 1978 (Parnell, 2014). Home Depot has acquired several smaller home improvement stores in both the U.S. and abroad through the years which enabled it to position itself as the world’s largest home improvement chain (Parnell, 2014). Home Depot focuses on the do-it-yourself segment of the market and sells sells tools, construction products and services. Marketing is a strong point for the company. They are able to maintain a competitive advantage by keeping themselves available to their customers at all times. Home Depot has been using both online and offline marketing efforts. The internet has become a very useful tool for the company and part of the reason that they are leading the market in DIY stores. Home Depot currently provides DIY videos on YouTube and Vine that cover current topics that consumers are likely to be interested in. They also have social media pages on Facebook and Twitter, where they have a huge following. They provide online communities where actual employees answer consumer’s questions and provide assistance on
After researching Home Depots financials I would invest money in Home Depot by purchasing stock. In my research there was a lot of talk about how popular home improvement is and how many people prefer the do-it-yourself aspect. While I am sure Home Depots numbers have been better, before the recession, I do not for see Home Depot going under anytime soon. I think it is a stable company that will be in business for many years to come.
Home Depot was founded in 1978 by Bernie Marcus and Arthur Blank in Atlanta, Georgia. With their store, Marcus and Blank revolutionized the do-it-yourself home improvement market in the United States. Home Depot began as a very basic store, operated in a large, no-frills warehouse. Home Depot carries over 35,000 products, with national brand names along with the Home Depot brand. At the start, Home Depot was able to offer exceptional customer service with knowledgeable employees who could guide customers through home renovation projects. Since its opening, Home Depot has experienced incredible growth, and today is North America's second largest retailer, and the largest home improvement retailer. Internationally, Home Depot has expanded into Canada, Mexico, and is beginning to operate stores in China. Home Depot's competition includes Sears, Ace Hardware and Lowes (the main competitor).
There are a number of smaller players but lack the public existence and retail footprint of their larger counterparts. With such high levels of market absorption, both HD and LOW enjoy high bargaining power with suppliers of goods. The two companies vary significantly in terms of the strategies they employ to compel consumer traffic. Home Depot centre of attention is customer service, while Lowe’s offers discounts to improve sales. Home Depot has determined on customer service as a driver to grow customer traffic and sales, Lowe has battled mainly on the basis of lower prices. Home Depot has a status for lesser prices and more pro-friendly impression where Lowe’s is trying to capture the traditional do-it-yourself customer by trying to appeal the female customer, who the company declares, is responsible for eighty percent of home improvement
The Minneapolis based Target Corporation announced in December that criminals forced their way into the company’s computer system. The data breach compromised 40 million credit and debit card accounts of customers who shopped during the holiday season between November 27 and December 15, 2013. The data captured was far broader than originally imagined as hackers gained access to 70 million customer’s personal information including names, home addresses, telephone numbers, and email addresses. Additionally, expiration dates, debit-card PIN numbers, and the embedded code on the magnetic strip of the card were stolen.
Issa utilizes statistics to suggest ideas. He says, “The Office of Personnel Management’s security breach resulted in the theft of 22 million Americans’ information, including fingerprints, Social Security numbers, addresses, employment history, and financial records” (Issa). Issa also adds that, “The Internal Revenue Service’s hack left as many as 334,000 taxpayers accounts compromised‑though just this week, the IRS revised that number to o...
Hacking into large companies or agencies to steal one’s card information has become simple. Lewis (2013) says that, “Hacking is incredibly easy; survey data consistently shows that 80 to 90 percent of successful breaches of corporate networks required only the most basic techniques“(p. 1). On November 27, 2013, Target’s security was breeched when forty million credit and debit cards were stolen. The breach lasted from November 27 to December 15, 2013.
Good afternoon members of the media and our target customers. My name is Spencer Beck and with me is Kaylyn Nese, John Bui and Jennifer Tran. We appreciate the chance to be here to discuss important issues surrounding data breeches and cybercrime. To begin with, I want to say how deeply sorry for the impact this intrusion had on our guest. We know this break in security has shaken their confidence in the Target’s brand and we will work endlessly to restore their trust.
The Home Depot data breaches exposed volumes of credit/debit card data causing consumer misery and costly retailer complications. Reports have stated that the Home Depot breach began as early as the prior April, and continued for at least four
...ntity. The FTC is requiring the company to send in annual filing to the FTC and to pay $200,000 as part of the settlement.
On the off chance that Home Depot had a defencelessness management program, performing monthly vulnerability scans of the POS environment; they could have utilized the consequences of those outputs to show leadership the significance of the gaps in that environment and possibly started to mitigate the risk of that environment before the breach occurred.
Target had a catastrophic security breach in December that involved 40 million credit cards, CVV numbers, and customer information (Greenberg, 2013A). Several weeks later the number of stolen credit cards rose to 70 million and now personal information was stolen (Greenberg, 2014B). The story is unfolding as the forensics team starts to piece parts together; unfortunately, they found a larger security breach than what was reported. Last week, the number of credit cards increased to an estimated 110 million (Popken, 2014). Forensics takes a long time to analyze and the timeline could be weeks or it could be months to know the exact details of what happened. I know this is supposed to be a fact based report, but not a lot of information has been disclosed to the public except for the quantity of credit cards, the type of information, and the main cause. The main cause is what we want to focus on, so let’s go into the specifics.
Most of the time, the commercial insurance policy that you have in place is not going to provide you with the correct amount of coverage for the many claims of liability that can arise when customer or employee data is lost, stolen or compromised. Even if you have taking the extra measures to include directors and officers insurance in your policy, it is not likely that you have sufficient coverage to pay the costs associated with a data breach.
Coca-Cola has admitted to a data breach after an employee stole dozens of laptops over the course of six years. There was no clue about the theft laptops where they went and contained the sensitive data of 74,000 individuals. Physical security attacks will lead to worse issues for any organization than a worm attack. Loss of data, or longer term loss of availability by theft of laptops or any portable medium are all things to consider when implementing physical security.
Honan, Mat. How Apple and Amazon Security Flaws Led to My Epic Hacking. 8 August 12. 22 April 2014. .