The settlement, which involves 46 states and Washington, D.C., stems from the breach that happened between April 10 and Sept. 13, 2014, when fraudsters planted credit card skimming malware in Home Depot's network to steal customer payment data. In addition to the financial component of the settlement, the company agreed to implement specific cybersecurity measures to safeguard the personal information of its customers.
Home Depot has created a USD 13 million fund to allow for payments to customers who have documented losses attributed to the breach. Customers will also have the option to receive 18 months of free credit monitoring.
As part of the settlement, The Home Depot must:
The Home Depot will also undergo a post-settlement review to ensure the agreed-upon details are being implemented.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now