April 8, 2024 at 02:12PM
Home Depot confirmed a third-party vendor inadvertently exposed some employees’ personal details, including names and email addresses. The retailer’s disclosure follows a data dump by a crook on BreachForums. While the intrusion didn’t affect business operations or customer data, the stolen info could be used for credential theft. The same party was allegedly behind the theft of classified information from the Pentagon and other national security agencies.
Based on the meeting notes, the key takeaways are:
1. A third-party SaaS vendor accidentally exposed personal details of Home Depot employees, including names, work email addresses, and User IDs during system testing.
2. It is reported that the stolen data was claimed to be posted online by a criminal, potentially affecting 10,000 Home Depot employees.
3. The breach does not seem to have impacted Home Depot’s business operations, financial data, or customer information, but it could potentially be used for targeting Home Depot staff for credential theft.
4. The stolen data was allegedly uploaded by a criminal known as IntelBroker, who has allegedly been involved in other high-profile data breaches, including breaches within federal agencies and health-care plans.
5. The State Department is currently investigating the claims of a cyber incident related to the data breach.
These are the key points from the meeting notes. If you need further details or more specific information, please let me know.