Home Depot data breach: 56M debit, credit cards impacted

ATLANTA (KABC) -- Hackers compromised about 56 million credit and debit cards at Home Depot stores between April and September 2014 in the second-largest breach for a retailer on record.

The financial information was stolen using malware that has not previously been seen in other attacks, the home improvement retailer announced Thursday. Since the malware was found, infected terminals have been taken out of service, the method of entry was closed off and the malware was erased from the company's systems, officials said.

There is no evidence that debit card PIN numbers were compromised or that the attack impacted stores in Mexico and customers who shopped online.

"We apologize to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges," chairman and CEO Frank Blake said in a statement.

The breach is second only to TJX Cos., which saw 90 million records stolen. Target's 2013 breach compromised 40 million credit and debit cards.

The Home Depot was first notified of the hack on Sept. 2 by banking partners and law enforcement.

Customers who may have used a payment card at a store since April may participate in free identity protection services. Those wishing to take advantage of the services can learn more at www.homedepot.com or call 1-800-HOME-DEPOT (800-466-3337).

The Associated Press contributed to this report.