Home Depot, an American retailer dealing in home improvement and construction products has agreed to disburse $13 million as compensation among all customers whose data was lost in 2014’s data breach. The company also agreed to invest $6.5 million to provide all its customers with a one and half years of identity protection services.
The details of the data breach are as follows- Hackers gained access to the data of all those shopped at Home Depot stores between April and September of 2014 in US and Canada. The attackers first gained access to Home Depot’s network using the login credentials of one its contractors and then copied the data of about 56 million payment cards which includes email addresses and card details.
As a result of this data breach, Home Depot was hit with more than 50 lawsuits. In early 2015, the lawsuits were consolidated into two suits each seeking class action status.
In this year, the retailer decided to close all the litigations pending against it by agreeing to pay $13 million compensation to those whose data was breached. Also it agreed to invest in improving data security, including hiring a chief information security officer. In all, Home Depot has reportedly booked $161 million in pre-tax expenses for the breach.
Last year, Target agreed to pay $10 million in a settlement over a data breach it suffered in 2013 that affected at least 40 million cards.