NEW YORK — The Home Depot Inc. released further information on the months-long data breach that occurred at its stores in the United States and Canada and affected 56 million debit and credit card users between April and September, reported the Associated Press. The malware used in the breach has reportedly been eliminated.
Company officials said there was no evidence that debit PINs were compromised, nor that the breach affected stores in Mexico or customers who shopped online at www.homedepot.com. They also noted that Home Depot has since completed a "major" payment security project to add enhanced encryption of customers' payment data at its U.S. stores.
"We apologize to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges," Home Depot Chairman and CEO Frank Blake said in a recent statement. "From the time this investigation began, our guiding principal has been to put our customers first, and we will continue to do so."
In spite of this incident, Home Depot on Thursday reported a slight increase in its expected earnings for fiscal 2014.
The new projection does include estimates for the cost to investigate the data breach, provide credit monitoring services to customers, increase call center staffing and pay for legal and professional services, but does not include potential not-yet-determined losses related to the data breach. These losses could include liabilities related to payment card networks, civil litigation, and government investigations and enforcement proceedings.