In news that will surprise no one, Home Depot confirmed it’s had credit card data stolen.
I also learned that in an effort to defeat my usual security measures, people increasingly will buy cards local to them, so they can shop in the same zip code, or a very nearby zip code to the victim. They then buy expensive merchandise and/or gift cards. This tactic limits the market but increases the effectiveness if you happen to own the unlucky card that your malicious neighbor buys.
About the only way to defeat this behavior is to keep a close eye on your account statements, which means cutting down on credit card use probably would make it easier for you to notice fraud. And, of course, when your credit card company sends a new card, activate it as quickly as possible.
As for what happened, there’s lots of speculation but no confirmation as of yet. Now the start date has been revised back to perhaps sometime in April, and while the number of stores hasn’t been confirmed, the numbers I’m seeing range from 1,700 to all 2,200 of them.
As far as what’s going on, I think we’re in a situation much like the era of The Cuckoo’s Egg, where the world is changing faster than the security world and the corporations who employ it can keep up. In a few years I’ll look back on it in awe of what I learned, but for now, I have to admit feeling scared more than anything. I think we’ll get through it, but at this point in the battle, I still don’t know how.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.
