Home Depot employee data exposed after third-party vendor breach
Employee data at the largest US home improvement retailer, Home Depot, was exposed after a third-party supplier used by the retailer suffered a data breach.
A database containing the data of more than 10,000 of Home Depot’s 475,000 employees was posted on the famous hacking forum BreachForums by infamous leaker IntelBroker.
“Today I have uploaded the Homedepot.com database for you to download. Thanks for reading and enjoying!” IntelBroker wrote on BreachForums.
According to the listing, the data included employees’ full names and email addresses and can be downloaded for just four BreachForums credits, a currency that users can earn by posting to the site, encouraging them to contribute.
Speaking to BleepingComputer, Home Depot confirmed that it was aware of the attack and that data was accidentally exposed by one of its third-party software as a service (SaaS) providers after falling for a phishing attack.
“A third-party software-as-a-service (SaaS) provider inadvertently made public a small sample of Home Depot associates’ names, work email addresses, and user IDs during testing of its systems,” a spokesperson said.
While no financial or banking information was leaked, threat actors who accessed the data could use it to launch new attacks or commit fraud, and from there gain access to affected individuals’ finances or further breach the company’s network.
IntelBroker is known for targeting major organizations and government agencies; most recently he breached a US federal government contractor and leaked “documents belonging to the Five Eyes intelligence group,” according to the threat actor on BreachForums.
“This data was obtained by breaking into Acuity Inc, a company that works directly with the US government and its allies,” the threat actor said.
According to IntelBroker, who is allegedly one of the three hackers behind the breach, along with “Sanggiero” and “EnergyWeaponUser”, the exfiltrated data includes full names, emails, office numbers, personal mobile numbers, government, military and Pentagon email addresses, and “classified information and communications between the 5 Eyes, the 14 Eyes and the allies of the United States.”
The US State Department is aware of the breach and has launched an investigation into the attack.
“The department is aware of claims that a cyber incident has occurred and is currently investigating,” a State Department spokesperson told BleepingComputer.
“The department takes seriously its responsibility to safeguard your information and continually takes steps to improve the department’s cybersecurity posture.
“For security reasons, we will not provide details about the nature and extent of the claim.”
Prior to this, IntelBroker launched attacks against T-Mobile, Facebook Marketplace, General Electric, US Citizenship and Immigration Services (USCIS), and DC Health Link.