April 8, 2024 at 05:16PM
Home Depot confirmed employee data compromise via a third-party software vendor, with a “small sample” of employees’ names, corporate IDs, and email addresses exposed. The incident underlines the importance of choosing SaaS vendors with robust cybersecurity measures. Experts recommend testing vendors’ workflows with non-production data and conducting regular security best practice training.
The meeting notes highlight that Home Depot confirmed a data breach involving employee data through a third-party software vendor. The compromised data, now for sale on the Dark Web, poses a risk for targeted phishing cyberattacks. Tamir Passi from DoControl emphasizes the importance of selecting SaaS vendors with strong cybersecurity protections and recommends testing their workflow with non-production data sets. Mika Alto from Hoxhunt advocates for regular audits and continuous training on security best practices to recognize threats arising from third-party sources. Additionally, it is mentioned that Home Depot experienced a larger data breach involving customer credit card data a decade ago.