An update on the status of the investigation confirms impact figures On Thursday, Home Depot released an update on the status of their breach investigation. The update didn’t include many details, but the retailer did confirm that the incident impacted 56 million customers, making their breach larger than the incident at Target.In a statement Home Depot said that the company’s investigation, with includes elements of the US Secret Service, Symantec, and their own internal teams, has determined that “unique, custom-built malware” was used in order to help the criminals evade detection. That investigators are calling the malware new puts to rest speculation that said it was related to BlackPOS, the malware used during the Target breach.However, the largest bit of news from the statement is that the attack itself “is estimated to have put payment card information at risk for approximately 56 million unique payment cards.”Target’s breach only exposed 40 million cards, but the attackers spent less time on the network in order to obtain them. Home Depot says that the malware is believed to have been active on their POS network between April and September of 2014. The method used by the attackers to gain access to the Home Depot network has been closed off, but the company didn’t explain how said access was achieved.“We apologize to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges. From the time this investigation began, our guiding principle has been to put our customers first, and we will continue to do so,” said Frank Blake, chairman and CEO. Home Depot says they have turned to Voltage Security in order to better protect card data going forward. Given Voltage’s product offerings, it’s likely that Home Depot will be leveraging tokenization.The retailer said that Voltage’s products were fully deployed in all U.S. stores last week. Stores in Canada will be completely updated by early 2015. In addition, plans to deploy EMV (Chip & Pin) technology will be complete by the end of the year, as previously stated.Earnings wise, Home Depot says that they cannot estimate costs associated with the breach for Q4 2014 and how they’ll impact future earnings impacts. However, costs associated with the breach so far have reached approximately $62 million. Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe