Home Depot advised customers Wednesday to “closely monitor” their account statements, amid a spike of suspicious online activity that has the company investigating claims of a possible data breach.
The company acknowledged customers’ concerns in a statement posted to its website and said it was working with banking partners and law enforcement to confirm whether a breach occurred. “We know that this news may be concerning and we apologize for the worry this can create,” the company said. “If we confirm a breach has occurred, we will make sure our customers are notified immediately.”
Reports of suspicious activity first surfaced on KrebsonSecurity, an Internet security blog that said two large batches of credit card accounts were put up for sale online on Tuesday. According to KrebsonSecurity, initial evidence points to the same ring of Ukrainian and Russian hackers that have infiltrated accounts belonging to shoppers at Target and P.F. Chang’s, and this time the breach included political overtones. The hackers labeled the batches”American Sanctions” and “European Sanctions,” in an apparent reference to sanctions imposed on Russia for its involvement in Ukraine.
Home Depot said customers will not be responsible for fraudulent charges, which would be settled in negotiations between Home Depot and financial institutions that issued the compromised card.
Target is continuing to resolve payment disputes from a massive data breach last year that compromised some 40 million customer accounts. The company expects total losses from the breach to climb to $148 million, according to its second-quarter earnings report.
Sign up for Inside TIME. Be the first to see the new cover of TIME and get our most compelling stories delivered straight to your inbox.
