A new report about the recently revealed widespread hack of Home Depot stores indicates the department store cyberattack “could be much, much bigger” than a similar attack on Target stores last year, which compromised more than 40 million credit and debit cards.
After crunching the numbers, researcher Brian Krebs released a report on Wednesday showing that almost all of Home Depot’s 2,200 stores might have been hit, potentially compromising the payment information of tens of millions of Home Depot shoppers.
“This breach could be much, much bigger than Target,” Krebs wrote in his findings, which compared the attack to the one executed against 1,800 Target stores over the course of three weeks amid last year’s busy holiday shopping season.
To make his comparison Krebs recorded every zip code from card numbers stolen from Home Depot and placed for sale online at the cybercrime store rescator[dot]cc, where stolen Home Depot store cards began appearing Monday, and where the majority of cards stolen from Target went on sale.
Krebs then compared the zip codes to those belonging to every Home Depot store, and found a 99.4 percent overlap — indicating credit and debit cards were stolen from almost every Home Depot location.
The home repair store chain has yet to confirm it was hacked, saying only that it is currently “looking into some unusual activity that might indicate” a breach of security and customer data.