Home Depot data breach lawsuits rise to 44 – WXIA


Article source: http://www.11alive.com/story/news/local/smyrna-vinings/2014/11/25/more-home-depot-lawsuits/70088996/


Home Depot faces dozens of lawsuits related to data breach

Home Depot Inc. faces at least 44 lawsuits in the U.S. and Canada over a massive data breach this year that affected 56 million debit and credit cards.


The nation’s biggest home improvement retailer said Tuesday in a regulatory filing that several state and federal agencies also are looking into the data breach and the company may face more litigation from customers, banks, shareholders and others.


Home Depot said the litigation and the investigations may distract management and affect how it runs its business. It also could lead to additional costs and fines. But those expenses aren’t clear yet because the cases are in early stages, the company said in a quarterly filing with the Securities and Exchange Commission.

The company said after announcing third-quarter earnings this month that it anticipates a fourth-quarter breach-related expense of about $27 million, but only about $6 million after insurance.

Home Depot has a $100-million insurance policy for breach-related expenses. That comes with a $7.5-million deductible.

The Atlanta-based retailer disclosed the months-long breach of data in September. It has said that the hackers initially accessed its network in April with a third-party vendor’s user name and password. Hackers then deployed malware on Home Depot’s self-checkout systems to gain access to the card information of customers who shopped at its U.S. and Canadian stores between April and September.

Home Depot’s breach surpassed Target’s pre-Christmas 2013 data theft, which compromised 40 million credit and debit cards and hurt sales and profits. Since late last year, Michaels, SuperValu and Neiman Marcus have been among a string of retailers that have also reported breaches, though they were smaller.

Home Depot has since said that hackers also stole 53 million email addresses.

The company said in its filing Tuesday that it has completed a major security improvement. Its new security scrambles raw card information to make it unreadable to unauthorized users.

The security project has been completed in U.S. stores, and Home Depot expects to do the same for its Canadian locations early next year.

Home Depot shares fell $1.39, or 1.4%, to $97.01 on Tuesday.

Copyright © 2014, Los Angeles Times

Article source: http://www.latimes.com/business/la-fi-home-depot-suits-20141126-story.html


A year after Target data breach, and still no arrests

MINNEAPOLIS — One year after thieves infiltrated Target’s cash registers, a website openly sells millions of credit and debit card numbers stolen in that data breach and many others.

Anyone can log on to the site, rescator.cc, and shop for cards by ZIP code. This illegal marketplace is the most glaring reminder that no one has been brought to justice in the massive theft of Target customer data.

Federal authorities declined to say anything about their investigation, which is being led by the U.S. Secret Service. Yet cybersecurity professionals have named one person they believe is linked to the stolen card website: a Ukrainian hacker named Andrey Hodirevski.

Brian Krebs is the blogger who broke the Target breach story and first named Hodirevski a year ago. “He may not be rescator, but it’s pretty clear that he knows the people who are and probably is in touch with them,” Krebs said.

Two other security pros say Hodirevski almost certainly has a hand in running the site. Dmitry Volkov, head of investigations at Russian computer security company Group-IB, said in an interview that Hodirevski goes by the nickname “rescator” and has for several years been on his company’s radar as a carder, or dealer in stolen payment card info. He said Hodirevski was a main member of DarkLife, a defunct Russian-language hack team.

“He has a high reputation and credibility among other carders and hackers,” Volkov told the Star Tribune. “He is not just another carder.”

Mark Lanterman, a former member of the Secret Service Electronic Crimes Task Force and now chief technology officer at Computer Forensic Services in Minnetonka, said the evidence points to Hodirevski.

“It’s circumstantial, but there’s a lot of it,” Lanterman said. “His website is up and active and going stronger than ever, which is disappointing.”

Someone at rescator’s instant messenger address responded to Star Tribune inquiries, saying that nobody on his team has heard of Hodirevski and that he’s just “some slim poor guy” that Krebs named. Authorities are looking in a “very different direction,” the person said, declining to specify.

But all the publicity around the rescator site has made it the No. 1 destination for card thieves, the person boasted.

Hodirevski has not spoken out publicly, despite his name and photos having been publicized in cyber security reports and magazines such as Bloomberg Businessweek.

One Ukrainian familiar with him said Hodirevski is living in a flat in Odessa with his grandmother following a previous hacking arrest, and he is being monitored by the Security Service of Ukraine.

An old school friend in Odessa said Hodirevski has disappeared and there’s no point in looking. He’s probably in Russia, said the friend, Alex Zhimalov: “If he wants to be invisible — he will be.”

ILLICIT MARKETPLACE

In a conference room at his Minnetonka offices, Lanterman logs in to rescator.cc. Over the past year, he’s found information on the site from tens of thousands of cards stolen from Target stores linked to Minnesota ZIP codes. This fall, he found information from at least 12,000 cards stolen from Home Depot, all linked to Minnesota ZIP codes and selling for $9 to $52 each.

The shop operates in the open now, he said.

Lanterman believes that rescator sells the software that hackers have used to break into retailers’ point-of-sale computers. Then buyers customize it for victims such as Target, and others install it and do the rest of the dirty work, and give rescator the stolen card information to sell.

Watching traffic on rescator.cc tests Lanterman’s patience.

“I get American law enforcement can’t just drive to Russia and pick him up and bring him back to the station. But he has an infrastructure, and I don’t know that enough has been done to disrupt it.”

TRACKING A HACKER

From his house in Annandale, Va., his shotgun nearby, blogger Krebs tracks organized cybercrime groups, particularly those in Eastern Europe.

Krebs became a minor celebrity after breaking the news of Target’s breach last year and then following a trail of digital bread crumbs, such as usernames from rescator, to Hodirevski.

Krebs blogged on Krebsonsecurity.com that rescator is a leading member of Lampeduza, a ring of card thieves organized in a hierarchy modeled on ancient Rome, using aliases such as Flavius and Octavius.

(The name rescator, however, likely refers to the pirate character by that name in the 1967 French adventure film “Untamable Angelique.”)

Krebs linked rescator to the online alias Helkern or “hel.” The domain Helkern was first registered to Andrey Hodirevski from Illichivsk, a seaport just down the Black Sea coast from Odessa.

In an interview, Krebs said that Hodirevski “may not be rescator, but it’s pretty clear that he knows the people who are and probably is in touch with them.”

Krebs said the cybergangs that hit Target and Home Depot are “a diverse group of folks probably across several time zones in Russia and Eastern Europe.”

Whoever is running the rescator website is not just selling cards but appears to play an active role in stealing them because the information continues to show up in their online stores first, Krebs said. Plus, the word “rescator” appears in a text string used with the malicious software used in the Target attack.

A recent report by Group-IB, the Russian cyberintelligence company, examined the Russian-language carding market. It said rescator not only runs his own shops but supplied information from more than 5 million cards stolen from Target to a popular online crime shop called Swiped1.su. Group-IB estimated that the 151,720 cards rescator sold there from December 2013 to February 2014 earned rescator about $1 million.

HAVEN FOR CARDERS

Odessa is a popular tourist spot — Russians used to flock there for some beach sun before the recent political crisis. A city of about 1 million people, it’s home to several universities offering IT programs and a cluster of tech companies, including the start-up app maker Readdle.

It’s also known as a haven for carders, thieves who deal in pilfered credit and debit cards. It was at an Odessa restaurant in 2001 that a large group of hackers launched CarderPlanet.com, an early marketplace where thousands of cybercriminals hung out and, mostly in Russian, traded information, stolen goods and hacking tutorials.

Authorities eventually shut it down and arrested Roman Vega, CarderPlanet’s Ukrainian co-founder, when Vega ventured out to Cyprus. He’s serving an 18-year prison sentence in the United States.

The spelling of Hodirevski’s name varies depending on the transcription from Cyrillic. Profiles for Andrey Hodirevski on LinkedIn, and for Andrew Hodyrevsky on Retratech, a Russian-language website for certifying IT professionals, appear to be for the same person. The Retratech profile gives a birth date that would make him 22 and says he attended International Humanitarian University with a specialty in “maintenance of electronic networks” and the STEP Academy, a popular computer school in Ukraine. It lists a range of experience with various operating systems, programming skills such as JavaScript, software and databases.

He also notes “extensive experience in research, and troubleshooting of web application vulnerabilities, server software and other aspects of network security.”

Neither school responded to the Star Tribune’s request to confirm Hodirevski’s attendance.

An archived 2011 blog of an Odessa Internet marketing company, Netpeak, featured a group of employees. “Andrew Hodyrevsky aka hel” was described as a “strong programmer.” A photo posted there shows the same young man in photos Krebs obtained.

Netpeak head Artyom Borodatiuk said that Andrew Hodyrevsky worked at Netpeak from November 2010 to March 2011. He was a junior programmer in the R&D department, Borodatiuk wrote in an email. He was fired for disciplinary problems, Borodatiuk said, such as showing up late for work “and some other little things we don’t accept.” Borodatiuk said he has no idea where Hodirevski went.

“He was almost child — I thought that it will be corrected with time,” Borodatiuk said.

OBSESSED WITH SECURITY

Odessa entrepreneur Alex Zhimalov told the Star Tribune he and Hodirevski became friends at the computer academy several years ago. Zhimalov, whose company designs web, desktop and mobile interfaces, said that he shared many interests with Hodirevski but that his friend was something of a mystery: a “dark horse,” secretive and obsessed with security, using encryption on all his devices and multiple fake accounts.

No one knew where he lived, Zhimalov said. You didn’t contact him, he contacted you.

Zhimalov, who emailed the Star Tribune pictures of Hodirevski taken in Odessa in 2012, was unaware of the controversy around his friend. He said he knew Hodirevski was hiding, but didn’t know why and was shocked when told that some people link him to the Target attack.

During their last year at the computer school, about two to three years ago, he said Hodirevski hacked “some government structure” and was arrested but didn’t go to jail. Then he lost touch.

The structure Zhimalov referenced is likely the Forum of Odessa, a popular Internet site that offers a mix of Craigslist-type postings and news. It was hacked in 2011, and a 19-year-old Ukrainian was arrested for stealing personal information of more than 190,000 users, according to information issued by the Security Service of Ukraine (USB) that year.

Hodirevski was the 19-year-old hacker, and he was sentenced to three years’ probation, said Dmitriy Kozin, the Forum’s co-owner.

Kozin said Hodirevski gained entry by guessing the password of a system administrator and stole e-mails. He was caught, Kozin said, because his effort to hide the actual address of his computer did not work.

Kozin said his understanding is that Hodirevski remains in an Odessa flat where he lives with his grandmother. The USB is “monitoring” him, he said.

Kozin said he thinks Hodirevski is “too lame to organize and rule” an attack on the scale of Target’s. It’s possible, he speculated, that authorities are using him to bait larger fish.

Meanwhile, Hodirevski’s carding reputation only grows. Sycophants on his bulletin boards think he’s the “end all,” Lanterman said.

“They seem to be singing his praises,” Lanterman said. “He must be thrilled with that.”


Article source: https://www.centralmaine.com/2014/11/26/a-year-after-target-data-breach-and-still-no-arrests/


Home Depot Breach Cost Company $43 Million in Third Quarter

The massive Home Depot data breach disclosed earlier this fall involved the theft of 56 million credit and debit card numbers, and now the company has revealed that the incident so far has cost it $43 million.

The costs are the result of both the investigation into the data breach as well as the recovery from it, including hiring security experts to find the details of the attack, bringing in more call center workers to handle consumer questions and paying for credit monitoring, among other things. In a financial filing on Tuesday, Home Depot said that as much as $15 million of those charges could be recoverable through insurance coverage.

The Home Depot breach is one of the larger such incidents on record, with 53 million email addresses also stolen by the attackers. Company officials said the incident was the result of attackers using compromised vendor credentials to gain access to the Home Depot network and then move internally. Ultimately, the attackers gained access to the point-of-sale system, where all the damage was done.

“The hackers then acquired elevated rights that allowed them to navigate portions of Home Depot’s network and to deploy unique, custom-built malware on its self-checkout systems in the U.S. and Canada,” Home Depot said in a statement earlier this month.

In its quarterly financial filing on Tuesday, Home Depot officials said the company is still investigating the data breach, but that it has rolled out some security enhancements in the weeks after the compromise, with more to come.

“The Company has completed a major payment security project that provides enhanced encryption of payment card data at the point of sale in all of the Company’s U.S. stores, offering significant new protection for customers. The new security protection takes raw payment card information and scrambles it to make it unreadable to unauthorized users. Roll-out of enhanced encryption to Canadian stores will be completed by early 2015. The Company is also rolling out EMV chip-and-PIN technology in its U.S. stores, which adds extra layers of payment card protection for customers. Canadian stores are already enabled with EMV chip-and-PIN technology,” the report says.

Chip-and-PIN systems comprise a card with a chip inside and require a user to enter a PIN at the point of sale in order to complete the transaction. Such systems have been in use in Europe for several years but are just showing up in the United States. On top of the $43 million in costs associated with the breach Home Depot incurred in the third quarter, company officials say they could face further expenses from the incident in the coming months.

“In addition to the above expenses, the Company believes it is probable that the payment card networks will make claims against the Company. The ultimate amount of these claims will likely include amounts for incremental counterfeit fraud losses and non-ordinary course operating expenses (such as card reissuance costs) that the payment card networks assert they or their issuing banks have incurred,” the company’s report says.

“Although an independent third-party assessor found the portion of the Company’s network that handles payment card data to be compliant with applicable data security standards in the fall of 2013, the process of obtaining such certification for 2014 was ongoing at the time of the Data Breach and the forensic investigator working on behalf of the payment card networks may claim that the Company was not in compliance with those standards at the time of the Data Breach. As a result, the Company believes it is probable that the payment card networks will make claims against it and that the Company will dispute those claims.”

Officials said it’s also likely that Home Depot will incur significant legal and professional services expenses in future months and that “it is reasonably possible that the ultimate amount paid on these services and claims could be material to the Company’s consolidated financial condition, results of operations, or cash flows in future periods.”

Article source: https://threatpost.com/home-depot-breach-cost-company-43-million-in-third-quarter/109629


Siemens Patches WinCC Vulnerabilities Likely Being Exploited

Article source: https://threatpost.com/siemens-patches-wincc-vulnerabilities-likely-being-exploited/109631


JPMorgan Data Breach Shows Need for Global Crackdown, ASIC Says

Markets regulators across the world
must work together to counter cyber crime as the attack on
JPMorgan Chase & Co. (JPM:US) exposes the risks posed by hackers,
according to the head of Australia’s financial markets watchdog.

“Cyber crime is a global problem that requires a global
solution,” Greg Medcraft, chairman of the Australian Securities
and Investments Commission, said in the text of a speech at
Bloomberg’s Sydney office today. “The links between market
players and infrastructure mean that the impact of a cyber
attack can spread quickly and has the potential to dangerously
affect the integrity and efficiency of global markets.”

Medcraft, who also chairs the International Organization of
Securities Commissions, IOSCO, is pushing more than 120 national
regulators to cooperate on ways to disclose cyber threats and
enforce methods to prevent them. Companies from JPMorgan to Home
Depot Inc. (HD:US) and Target Corp. have been subject to hacks.

Some 73 percent of Australian firms said their perception
of the risks posed by cybercrime has increased over the past 24
months, according to a PricewaterhouseCoopers survey this year.
The study found companies can benefit from sharing their
cyberattack experiences with each other.

Medcraft said national watchdogs should share information
in their battle to protect companies and markets infrastructure.
The international body is working on a “range of projects to
guide coordinated regulatory responses,” he said.

JPMorgan said last month that a data breach by hackers
affected 76 million households and 7 million small businesses,
with customer names, addresses, phone numbers and e-mail details
taken. The biggest U.S. bank may double its $250 million annual
computer-security budget within five years, Chief Executive
Officer Jamie Dimon said.

Sony Corp.’s computer network was hacked in what may be a
blackmail attempt, a person with knowledge of the matter said
this week.


Article source: http://www.businessweek.com/news/2014-11-25/jpmorgan-data-breach-shows-need-for-global-crackdown-asic-says


North Carolina continues to investigate Home Depot data breach










Lauren K. Ohnesorge
Staff Writer, Triangle Business Journal


A credit card breach at Home Depot continues to cause executive headaches. The company disclosed that the breach had led to “at least” 44 civil lawsuits filed in the United States and Canada. That’s more than double the lawsuits reported in October.

“We are also facing investigations by a number of state and federal agencies,” the company discloses via securities filing Tuesday.

North Carolina Attorney General spokesperson Noelle Talley confirms that North Carolina continues to investigate the situation, and is among the aforementioned states.


Home Depot adds that claims and investigations “may adversely affect how we operate our business” and divert management attention. Add in costs and fines that could result from the litigation, and the situation is far from over.

“Our investigation of the data breach is ongoing, and we are still in the process of assessing the financial and other impacts of the data breach,” the company continues. “It is possible that we will identify additional information that was accessed or stolen.”

The breach was discovered in September after a new batch of customers’ credit cards went on sale on the black market.

Home Depot (NYSE: HD) is based in Atlanta, but there are 12 Home Depot Stores within a 50-mile radius of Raleigh, according to the company website.

Credit card breaches aren’t limited to big box stores. A Chapel Hill restaurant delivery service, Takeout Central, reported a breach last week.

Lauren Ohnesorge covers information technology and entrepreneurship.



Article source: http://www.bizjournals.com/triangle/blog/techflash/2014/11/north-carolina-continues-to-investigate-home-depot.html


Home Depot Data Breach Sparks Dozens of Lawsuits

The Home Depot (HD) data breach that came to light in September has now led to at least 44 lawsuits.


The retailer issued a filing with the Securities and Exchange Commission, warning that it was facing dozens of lawsuits in the US and Canada.

One of the lawsuits is a class action suit filed in a federal court in San Francisco that claimed Home Depot “failed to properly encrypt its customers’ data in violation of the [Payment Card Industry Data Security Standard].”

The Home Depot data breach affected 56 million debit and credit cards through malware that gathered card information of the retailer’s customers.

HD stock is down 1.41% Tuesday afternoon.


Article source: http://investorplace.com/2014/11/home-depot-data-breach/


Sony Pictures data breach may have been an inside job: Report

After a reportedly massive data breach, Sony Pictures appears to remain at the mercy of hackers who have threatened to share “top secrets” with the public.

The hack was so wide-reaching that the company’s computer system has been completely shut down, according to reports. And now it appears the hackers may have had help from Sony Pictures staffers in penetrating the system.


The Verge reports it was able to reach a person who identified themselves as one of the hackers.

In an email, so-called “lena” said: “We Want equality [sic]. Sony doesn’t. It’s an upward battle,” adding that “Sony doesn’t lock their doors, physically, so we worked with other staff with similar interests to get in. Im sorry I can’t say more, safety for our team is important [sic].”

The hackers’ motives aren’t known, but they appear to be identifying themselves as the “Guardians of the Peace.” A Reddit user claiming to be an ex-Sony employee alleged that a threatening message about the hack appeared on all of the company’s employee computers.

“We’ve already warned you, and this is just a beginning. We continue till our request be met [sic]. We’ve obtained all your internal data including your secrets and top secrets. If you don’t obey us, we’ll release the data shown below to the world,” the message reads.


A message that reportedly appeared on every system in Sony Pictures’ network, claiming the system was hacked.

Image: Reddit

It isn’t apparent that the hackers have leaked any Sony data as of this writing. A phone call to Sony was not returned, and a message sent to a press email account returns an automatic reply message that states the system is “experiencing a disruption.”


Sony has spoken publicly about the breach, but the company’s comments were vague.

“Sony Pictures Entertainment experienced a system disruption, which we are working diligently to resolve,” a Sony spokesperson said in a statement to The Hollywood Reporter on Tuesday.

Meanwhile, Variety reports that Sony has warned its employees to avoid accessing their emails, with an estimate of one day to three weeks to mend the problem.


Article source: http://mashable.com/2014/11/25/sony-pictures-hack-inside/


JPMorgan Data Breach Shows Need for Global Crackdown, ASIC Says


Article source: https://www.bloomberg.com/news/2014-11-26/jpmorgan-data-breach-shows-need-for-global-crackdown-asic-says.html
