Skip to main content
Advertising

Originally published Wednesday, September 3, 2014 at 7:33 PM

  • Share:
           
  • Comments
  • Print

Path of stolen credit cards leads back to Home Depot locations

Bank employees, computer-security companies and police are tracing the path taken by the stolen cards. So far, all roads point back to Home Depot.


The New York Times

advertising

SAN FRANCISCO — There are two tracks to finding the identity of a company that has been hit by cybercriminals. Both of them involve going backward.

Over the past few days, thousands of fresh credit- and debit-card numbers have surfaced on so-called carding sites, which are websites where stolen credit-card data is sold. On those sites, Eastern European hackers are selling the stolen account information of people in cities as distant as Mission Viejo, Calif., and Hanover, N.H. They are charging as much as $50 per card.

Bank employees, computer-security companies and police are tracing the path taken by the stolen cards. So far, all roads point back to Home Depot. And if the evidence uncovered so far proves to be valid, the hack could top the record-setting breach of Target’s network in December.

Investigators are searching for what they call “a common point of purchase” among the cards.

Bank employees are able to identify stolen cards simply by examining the first six digits of the card, which are known as the Bank Identification Number, or BIN. They are buying back card numbers and cross-referencing the transactions of those cards in search of one common retailer.

On Wednesday, Brian Krebs, the security blogger who first reported the potential breach of Home Depot, said that there was a 99.4 percent overlap between ZIP codes listed in a collection of stolen account numbers on an Eastern European carding site, called Rescator, and Home Depot’s store locations.

That means the breach could affect most of the retailer’s 2,200 stores, which is about 400 more than the Target breach.

Home Depot, based in Atlanta, has not confirmed that it was the victim of a cyberattack, only that it was investigating “unusual activity.”



Want unlimited access to seattletimes.com? Subscribe now!

Also in Business & Technology

News where, when and how you want it

Email Icon

Where in the world are Seahawks fans?

Where in the world are Seahawks fans?

Put your marker on The Seattle Times interactive map and share your fan story.

Advertising

Advertising


Advertising
The Seattle Times

The door is closed, but it's not locked.

Take a minute to subscribe and continue to enjoy The Seattle Times for as little as 99 cents a week.

Subscription options ►

Already a subscriber?

We've got good news for you. Unlimited seattletimes.com content access is included with most subscriptions.

Subscriber login ►
The Seattle Times

To keep reading, you need a subscription upgrade.

We hope you have enjoyed your complimentary access. For unlimited seattletimes.com access, please upgrade your digital subscription.

Call customer service at 1.800.542.0820 for assistance with your upgrade or questions about your subscriber status.

The Seattle Times

To keep reading, you need a subscription.

We hope you have enjoyed your complimentary access. Subscribe now for unlimited access!

Subscription options ►

Already a subscriber?

We've got good news for you. Unlimited seattletimes.com content access is included with most subscriptions.

Activate Subscriber Account ►