The Home Depot hack was even worse than authorities originally thought, according to a new report. Along with compromising 56 million credit-card accounts, the hackers also exposed 53 million customer email addresses.
Two months ago, the hackers accessed the retailer’s system through usernames and passwords they stole from a refrigeration contractor’s electronic billing account. Target and other companies have been infiltrated in a similar fashion. Authorities who investigated the Home Depot incident revealed the full scope of the hack to the Wall Street Journal on Thursday.
The Home Depot hackers took aim at 7,500 of the company’s self-checkout lanes. The software hid itself for five months, collecting data and transmitting it to an outside system.
[WSJ]
More Must-Reads from TIME
- Cybersecurity Experts Are Sounding the Alarm on DOGE
- Meet the 2025 Women of the Year
- The Harsh Truth About Disability Inclusion
- Why Do More Young Adults Have Cancer?
- Colman Domingo Leads With Radical Love
- How to Get Better at Doing Things Alone
- Michelle Zauner Stares Down the Darkness
Write to Eliana Dockterman at eliana.dockterman@time.com