NY AG helps secure $17.5M following The Home Depot data breach


FILE – This Aug. 15, 2019 file photo shows the Home Depot in Harahan, La. Home Depot reported a shortfall in third-quarter revenue as the nation’s largest home improvement chain’s strategy to meld its online business and its physical stores are taking longer to deliver benefits. (AP Photo/Gerald Herbert, File)

NEW YORK (WWTI) — New York State is set to receive nearly $600 thousand following a data breach at the Home Depot.

New York Attorney General Letitia James announced on Monday an agreement with the Home Depot, Inc., that will require the company to pay 46 states and the District of Columbia $17.5 million. The agreement resolves and investigation stemming from a data breach in 2014 that compromised payment card information of roughly 40 million customers.

According to AG James, the cyberattack occured when hackers gained access to The Home Depot’s network and used malware to gain information from the self-checkout point-of-sale system. These incidents occurred nationwide between April 10, 2014 and September 13, 2014.

New York State is set to received $597,459.80.

“New Yorkers have every reasonable expectation that their personal financial information will remain private and protected,” said Attorney General James. “Instead of building a secure system, The Home Depot failed to protect consumers and put their data at risk. My office is committed to protecting consumers, which is why we will continue to use every instrument in our toolbox to hold accountable companies that fail to safeguard personal information.”

James stated that as part of the November 24, multistate agreement, The Home Depot will make a series of provisions to security protocols. This provisions include the following.

  • Employ chief information security officer
  • Providing necessary resources to implement the company’s information security program
  • Provide appropriate security awareness and privacy training to all personnel who have access to company networks
  • Employ security safeguards with respect to logging and monitoring
  • Undergo a post settlement information security assessment

Joining Attorney General James in filing today’s multistate agreement are the attorneys general of Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Florida, Georgia, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Jersey, New Mexico, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, and the District of Columbia.


Stay up-to-date by liking ABC50 on Facebook.

Copyright 2021 Nexstar Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.