Dive Brief:

• Some 56 million debit and credit cards were compromised in the data theft recently disclosed by Home Depot, the retailer reported Thursday.

• The malware implicated in the theft has been removed from its U.S. and Canadian point-of-sale systems, and it has added encryption that makes data unreadable to hackers in all of its U.S. stores. Encryption in Canadian stores will be complete next year, although many of those stores also have EMV or “chip-and-PIN” protection.

• Forensic experts say the malware somehow mostly affected Home Depot’s self-checkout systems, according to Brian Krebs of Krebs on Security.

Dive Insight:

The extent of the breach exceeds last year’s problem at Target, which lasted only three weeks, rather than Home Depot’s months, and affected some 40 million cards. The Target breach was so successful in less time because it happened during the busy holiday season, said cyber-data journalist Brian Krebs of Krebs on Security. Things at Home Depot could have been even worse, says Krebs, if the malware had not been limited mostly to self-checkout terminals.