Skip to main content
close search
site logo
Dive Brief

Home Depot settles with customers over 2014 data breach

Published March 9, 2016
Daphne Howland's headshot
Senior Reporter
flickr: Joshua Dorkin

Dive Brief:

  • Home improvement retailer Home Depot has agreed to pay some $19.5 million to U.S. customers affected by a 2014 data breach that compromised more than 50 million credit cards, according to court papers filed Monday and reported by Reuters.

  • Home Depot will establish a $13 million fund that will finance reimbursement of out-of-pocket expenses related to the event, plus another $6.5 million dedicated to paying for identity-protection services.

  • The settlement, which awaits approval from the federal court in Atlanta, caps nearly two years of litigation during which Home Depot sought to quash the suits, saying customers couldn’t show harm. The settlement entails no admittance of liability or wrongdoing by the retailer.

Dive Insight:

In the fall of 2014, Home Depot was criticized for its handling of the data breachnot revealing it until cyber-security journalist Brian Krebs wrote about itas well as the massive scope of the incident. Two years of litigation sounds painful, but this is a nice outcome for Home Depot. The lawsuits brought against the company were never certified as class actions, which would likely have meant more money and more attention. This way, the retailer contains the fallout fairly neatly.

"We wanted to put the litigation behind us, and this was the most expeditious path," Stephen Holmes, a spokesperson for Home Depot, told Reuters. "Customers were never responsible for any fraudulent charges."

According to Reuters, the lawyers representing Home Depot consumers were also pleased with Monday’s outcome. The accord covers about 40 million people who had payment card data stolen, and 52 million to 53 million people who had email addresses stolen, with some overlap between the groups.

Cybercrime is now the second most reported economic crime behind only asset misappropriation, and has impacted at least a third of all organizations over the last two years, a recent PricewaterhouseCoopers report found. PwC's Global Economic Crime Survey also reveals that only 37% of businesses have implemented cyber incident response plans, despite 61% of CEOs surveyed saying they were concerned about cybersecurity.

Recommended Reading

Filed Under: Financial News

Editors' picks

Company Announcements

View all | Post a press release
Aroma Retail Supports Exponential Ecommerce Growth with Descartes Parcel Shipping Solution
From Descartes Systems Group
November 04, 2024
SRS Real Estate Partners Adds Commercial Real Estate Veteran Chris Stewart to Bolster Owner Se…
From SRS Real Estate Partners
November 14, 2024
RDSolutions Unveils Rebrand and Comprehensive Service Suite to Optimize Retail Performance and…
From RDSolutions
November 05, 2024
Alejandro Betancourt López and the Future of Retail
From Hawkers Sunglasses
November 13, 2024
Editors' picks
Latest in Financial News
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell