Skip to main content

The 2014 Home Depot Data Breach Finally Reaches Settlement

By December 8, 2020May 5th, 2022Cybersecurity

Unless you’re a regular Home Depot shopper, you may have missed the fact that back in 2014, the company was the victim of a successful hacking attack that saw malware installed on the company’s POS (Point of Sale) system.

The attack allowed them to collect more than 40 million records belonging to customers in both the US and Canada.

As a consequence of the hack, a total of 46 states, and the District of Columbia filed a lawsuit against the company. That lawsuit has recently been settled, to the tune of $17.5 million, USD. In addition to the fine, the company has been directed to implement a number of improvements to its security system designed to help minimize the risk of their customers in the future.

Massachusetts Attorney General Maura Healey had this to say about the outcome:

“Retailers must take meaningful steps to protect consumers’ credit and debit card information from theft when they shop. This settlement ensures Home Depot complies with our state’s strong data security law and requires the company to take steps to protect consumer information from illegal use or disclosure.”

Our view is that Ms. Healey overstates the impact of the outcome of the suit. The fine is a pittance, amounting to less than fifty cents per compromised customer record, and any company interested in staying in business in this day and age shouldn’t need to be named in a lawsuit to follow current IT Security Best Practices.

Even so, the resolution of the lawsuit has resulted in some positive changes, although they are too late to make a difference for the 40 million customers already impacted.

These kinds of issues are happening with increasing frequency, and that’s not going to change until companies everywhere, of all shapes and sizes, get more serious about protecting their customers’ data. What’s the state of your company’s security? If you’re not sure, there’s no time like the present to review it carefully.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.