Right after the Target Hack, C-level execs at Home Depot Inc. put together a task force to prevent being the victim of a similar attack. The task force recommended to fully encrypt payment card data at the chain's 2,200 stores, but it wasn't until many months later that they started the work.
You could ask yourself how could this happen, with the Target hack fresh in mind?
The reason is that they thought they could defend against a hack like this, and apparently gave the wrong priority to the the possibility they already had been breached. Instead of prevention, they should have focused on detection of the existing breach and getting the hackers out of their network. OK, hindsight is 20-20, but in this case it should have been obvious.
The data breach is very similar to the breach at Target. The malware used to steal card data from Home Depot had the same code base as the tool used against Target, people who analyzed the code said. (The data is generally vulnerable in the brief moment it passes into the system's memory after the card is swiped.) After analyzing the malware, it was found that in both the code had Russian words in it.
Russian President Vladimir Putin allows cybercrime to continue, because he considers it a resource and now and then tells them to attack a country that is bothering Russia in some way. Imagine, cyber mafia as shock troops for the Russian government. Draw your own conclusions.
It would not surprise me if they got in the same way they got into Target, spear-phishing one of the Home Depot vendors. Another reason to step your users through effective security awareness training.
