Preview

Home Depot Data Breach Case Study

Good Essays
Open Document
Open Document
598 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Home Depot Data Breach Case Study
Case Study: The Home Depot Data Breach
1. Security Problem/Incident
The theft of payment card information has become a common issue in today’s society. Even after the lessons learned from the Target data breach, Home Depot’s Point of Sale systems were compromised by similar exploitation methods. The use of stolen third-party vendor credentials and RAM scraping malware were instrumental in the success of both data breaches. Home Depot has taken multiple steps to recover from its data breach, one of them being to enable the use of EMV Chip-and-PIN payment cards. Is the use of EMV payment cards necessary? If P2P (Point to-Point) encryption is used, the only method available to steal payment card data is the installation of a payment card skimmer. …show more content…
The unfortunate thing is the way the attackers infiltrated the POS networks and how the attackers were able to steal the payment card data, were the same methods used in the Target data breach. The attackers were able to gain access to one of Home Depot’s vendor environments by using a third-party vendor’s logon credentials. Then they exploited a zero-day vulnerability in Windows, which allowed them to pivot from the vendor-specific environment to the Home Depot corporate environment.
Payment card information is sold by cyber-criminals frequently. In more recent retail breaches, they have been able to steal payment card information from millions of customers and sell it online in what is known as the “Darknet.” Once the cyber-criminal has stolen the payment card information, there is a process that takes place in order to put the information on sale on the Darknet and for the cyber-criminals to make money. The first step in the process is selling the payment card information to brokers. The brokers buy the payment card information in bulk and sell the information to “carders” on carder websites. The definition from “How ‘carders’ trade your stolen personal info” says, “Carders are the people who buy, sell, and trade online the credit card data stolen from phishing sites or from large data breaches at retail stores”. An example of a carder website is Rescator shown in Figure 1 below (Lawrence, 2014). As you can see, the site has full search capabilities based on the type of card you are searching
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Good Essays

    Target Security Breach Case Study
    • 442 Words
    • 2 Pages

    Target Security Breach Case Study

    On December 19th Target revealed that 40 million credit and debit card accounts were compromised by a data breach. The information had appeared to be stole around black friday of 2013. This is the busiest shopping day of the year.The retailer said that the information stolen between November 27 and December 15, 2013 included personal information of as many as 70 million people more than the 40 million the company originally estimated. Target discovered the breach on December 13th and notified the justice department.The information stolen included names, mailing addresses, phone numbers and email addresses. The hackers tole 11 Gb worth of personal information. Target said that it will provide one year of free credit monitoring…

    • 442 Words
    • 2 Pages
    Good Essays
    Read More
  • Good Essays

    Home Depot - Executive Summary
    • 797 Words
    • 3 Pages

    Home Depot - Executive Summary

    The Home Depot (Ticker: HD) is the world’s largest home-improvement retailer along with being an American Fortune 50 company. The company operates 2,259 retail building supply/home improvement “warehouse” type stores all across the United States, Canada and Mexico. The Home Depot has over 340,000 team members and is based in Atlanta, Georgia. The average store size is just over 100,000 square feet along with an additional 24,000 square feet set aside for seasonal gardening.…

    • 797 Words
    • 3 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    Case Analysis: Home Depot
    • 153 Words
    • 1 Page

    Case Analysis: Home Depot

    Home Depot and its subsidiaries provides excellent customer service for home improvements, lawn products, and building material. The company stocks about $30,000 to $40,000 different types of home improvement supplies and other merchandise. The Consolidated Financial Statement reports the assets, liabilities, expense, and the amount of revenues for the company. In fiscal year 2013, The Home Depot recent quantitative assessment were completed. In tax year 2014, Home Depot completed its’ annual assessment in order to recover the reporting units from the different countries.…

    • 153 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Good Essays

    Choicepoint Data Breach
    • 865 Words
    • 4 Pages

    Choicepoint Data Breach

    The ChoicePoint data breach led to over 145,000 records of personal information being stolen (Polstra, 2005). This was not by any type of hack into ChoicePoint’s systems but by an individual or a group of people who used previously stolen information to create fake businesses that would have a need to preform background checks on people. They used the fake businesses to apply for accounts with ChoicePoint. When ChoicePoint reviewed the application for membership they ran a check on the businesses and did not find any criminal activity on the owners of these fake companies since they were from stolen information and not the criminals themselves. Since no…

    • 865 Words
    • 4 Pages
    Good Essays
    Read More
  • Good Essays

    Target Data Breach Case Study
    • 690 Words
    • 3 Pages

    Target Data Breach Case Study

    The Target data breach is a very good example of the risks of using single level/layer defense strategies for information security in an organization. In fact, it taught us and the organizations in the information security industry a very valuable lesson as to how important is it to employ strategies like Defense in Depth, Critical Controls etc., Below is a brief summary of steps that can be taken to avoid such attacks. I've included the chain of different events that led to the Target Data breach and the Countermeasures/controls that could be put in place to counter and/or avoid such events/attacks.…

    • 690 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    Tjx It Security Breach
    • 1174 Words
    • 5 Pages

    Tjx It Security Breach

    In January of 2007 the parent company of TJMaxx and Marshalls known as TJX reported an IT security breach. The intrusion involved the portion of its network that handles credit card, debit card, check, and merchandise return functions. Facts slowly began to emerge that roughly 94 million customers’ credit card numbers were stolen from TJMaxx and Marshalls throughout 2006. It was believed that hackers sat in the parking lots and infiltrated TJX using their wireless network.…

    • 1174 Words
    • 5 Pages
    Good Essays
    Read More
  • Better Essays

    American Loan Sharks
    • 2297 Words
    • 10 Pages

    American Loan Sharks

    to protect the consumer, credit card companies launched and were essentially given a license to steal,…

    • 2297 Words
    • 10 Pages
    Better Essays
    Read More
  • Better Essays

    Tjx System Breach Case Study
    • 791 Words
    • 4 Pages

    Tjx System Breach Case Study

    It was possible that the company was using older point of sale software that could not reconfigure to comply with the PCI standards. Another problem mention by The CPA Journal is the failure of TJX to properly encrypt customer data or the hackers stole the encryption key. Nonetheless, the bottom line was the company did not maintain industry standards.…

    • 791 Words
    • 4 Pages
    Better Essays
    Read More
  • Good Essays

    Impact of Tjx Security Breach on the Economy and Industry
    • 302 Words
    • 2 Pages

    Impact of Tjx Security Breach on the Economy and Industry

    In the wake of TJX’s security breach, consumers can only become reluctant to trust retailers, such as TJX, with credit card purchases. Globally, the problems are proof of the potential for identity theft and increases awareness. On-line retail purchasing is the most vulnerable to the issues of security and would be affected the most financially. Credit card companies in turn are impacted if the issues are not addressed creating an issue economically for all. The decrease in credit card purchases remains to be seen, but if the problem of security is left undressed the retail industry would suffer. There have been industry attempts to try to minimize the potential for security breaches, however breaches continue and business continue to pay until Congress steps in.…

    • 302 Words
    • 2 Pages
    Good Essays
    Read More
  • Powerful Essays

    Case Study Of Target's Data Breach
    • 1301 Words
    • 6 Pages

    Case Study Of Target's Data Breach

    During, and leading up to, the recent data breach that occurred at Target, it is evident that many mistakes were made at the executive level. As any company, Target possesses a primary goal of balancing both effectiveness, and efficiency; however, the organization under CEO Greg Steinhafel did not achieve these goals simultaneously. Prior to the data breach experienced by Target, the company primarily focused on efficiency --- the act of determining and implementing the most cost effective method of utilization for products, resources, or personnel (Kinicki and Williams, 2016). This manner of management by the executives did meet the minimum requirements of cyber security set by government regulations; however, it was not not effective enough…

    • 1301 Words
    • 6 Pages
    Powerful Essays
    Read More
  • Good Essays

    Target Security Breach Analysis
    • 439 Words
    • 2 Pages

    Target Security Breach Analysis

    Pointing to “backward U.S. technology,” Ziobro and Sidel reveal a long-standing issue between the financial industry and retailers that has slowed progression on chip cards. Because these cards are widely used in Europe and Canada, the U.S. has become the preferred target for criminal hackers, according to the authors. As a result, “the breaches keep coming,” and a computer-based attack experienced by Neiman Marcus over the holidays as well is used as further evidence of the widespread problem at hand.…

    • 439 Words
    • 2 Pages
    Good Essays
    Read More
  • Powerful Essays

    retail stores data breaches on 2014 1

    • 931 Words
    • 4 Pages

    retail stores data breaches on 2014 1

    In today’s world information security has been taken as a prominent issue, and cybercrimes has been rising at a higher level even the security experts are tired of the online game. Each valuable time there is always a malware installed underground phishing or stealing customer’s information via credit cards or debit cards. Security experts from various hubs are trying to nub the cyber criminals including the FBI and it has been a battle of today’s dark Usenet. Today data is very sensitive to third party users and must be protected with harsh algorithms this was written by Thomas in security concepts 2014 . Data breach refers to any situation in which a person or a group, steals sensitive or confidential data.…

    • 931 Words
    • 4 Pages
    Powerful Essays
    Read More
  • Good Essays

    Hass & Associates Online Reviews: Cyber warfare provides ominous welcome to 2015
    • 708 Words
    • 2 Pages

    Hass & Associates Online Reviews: Cyber warfare provides ominous welcome to 2015

    compromised 1.16 million credit and debit cards used by customers at 119 stores across 35…

    • 708 Words
    • 2 Pages
    Good Essays
    Read More
  • Better Essays

    Target Data Breach
    • 1162 Words
    • 5 Pages

    Target Data Breach

    Target a large retail corporation that operates over 1,700 stores across the United States. They also operate as an online retailer at target.com. In 2012 the retailer earned more than $73 billion dollars in revenue and grew their sales by 5.1% from the previous year. Looking at the revenue and sales growth rate it is hard to fathom that more money could not be spent to ensure that consumer data is protected as much as possible. As information security specialists one of the worst things that can happen is our network gets infiltrated and customer information is stolen. On December 19, 2013 Target released a statement stating that they have had an information security breach and suggested that as much as 70 million credit card information had been stolen.…

    • 1162 Words
    • 5 Pages
    Better Essays
    Read More
  • Satisfactory Essays

    Cash vs Credit Card (Compare& Contrast)
    • 375 Words
    • 2 Pages

    Cash vs Credit Card (Compare& Contrast)

    In modern life people tend to use credit cards more than putting cash in their wallets. Also, cash is still used but not taken in big amounts that might cause insecurity. Both credit and debit card payments have been proven that they are safer and more convenient than cash payments, especially when it comes to the online purchases. In…

    • 375 Words
    • 2 Pages
    Satisfactory Essays
    Read More