Home Depot suffered a data breach.
A mistake by an outside vendor reportedly allowed hackers to gain unauthorized access to some of the personal data of approximately 10,000 employees at The Home Depot.
according to peepee computer, home depot On Thursday, April 4, 2024, a cybercriminal going by the alias “IntelBroker” posted data including the names, work email addresses, and corporate user IDs of approximately 10,000 employees on a known online forum for hackers. admitted to having leaked the information.
“A third-party Software-as-a-Service (SaaS) vendor accidentally exposed a small sample of Home Depot employees' names, work email addresses, and user IDs while testing their systems. ” said Home Depot. peepee computer Answers to inquiries regarding posting to hacker forums.
Although the information itself does not necessarily cause great harm to the affected employees, according to peepee computerHowever, it is possible that the data could be used in phishing attacks aimed at tricking compromised employees into revealing more sensitive information that could be used against them or the hardware store. there is.
according to peepee computer, IntelBroker is a “well-known threat actor” that has also successfully stolen data, including medical information related to members of the U.S. House of Representatives and their staff. IntelBroker has also been reported to be involved in cyber breaches of companies such as Hewlett Packard Enterprise and Weee!, an Asian online supermarket for US consumers.
Cybersecurity experts at identity solutions provider Saviynt said in an email commentary that retailers need to pay close attention to potential vulnerabilities posed by third-party partners.
“As evidenced by the announced Home Depot cybersecurity incident, traditional third-party management of SaaS solutions is insufficient to support the significant increase in SaaS usage at enterprise scale,” says Sayvint CEO. said Trust Director Jim Routh. As demonstrated by this incident, it provides a clear opportunity for enterprises to improve their IAM governance capabilities for their SaaS usage. ”
“The security of the weakest link depends on the weakest link, and increasingly that link comes from a third-party provider. We need to extend the boundaries of identity security by improving party management.” Access to sensitive data. ”
Headquartered in Atlanta, The Home Depot is the world's largest specialty home improvement retailer. At the end of fiscal 2023, the Company operated a total of 2,335 retail stores in all 50 states, the District of Columbia, Puerto Rico, the U.S. Virgin Islands, Guam, 10 Canadian states, and Mexico. The company employs approximately 465,000 people.