Assignment #1 Information Literacy

Yolanda Wilkins
1

Home Depot Breached and They Didnt Know It!
CNN published the article Home Depot confirms months-long hack which discusses a
major security issue impacting technology today. The article can be found here:
http://money.cnn.com/2014/09/08/technology/security/home-depot-breach/index.html
and was written by Jose Pagliery. On September 2, 2014, Home Depot became aware of a
breach after they began receiving phone calls from banks and law enforcement. It is believed
that going back to April; hackers have gone completely unnoticed in the home improvement
giants payment systems. During which time, hackers have had access to an undetermined
about of payment information. Experts state this breach could be larger than Targets which
resulted in over 40 million debit and credit card information stolen. Internet fraud expert, Brian
Krebs states that thieves are using this debit card information to change PIN numbers and make
fraudulent withdrawals from bank accounts. Home Depot spokesperson, Paula Drake
wouldnt address those allegations, nor would she comment on just how many cards might
have been compromised. She did indicate the company believes those cards impacted were
likely used in the brick and mortar stores in the US and Canada, leaving its online customers and
those who shopped in the Mexico stores spared (Pagliery). Home Depot is working with the
Secret Service to determine the gravity of this information breach. In the meantime, they are
offering free identity protection and credit monitoring to those who shopped with the retailer
since April. Additionally, they have replaced their card swiping terminals and installed
machines that accept the chip-enabled EMV cards, which are considered to be more secure
(Pagliery).
Using search engine Bing, I found the article below:
Assignment #1 Information Literacy
Yolanda Wilkins
2

http://www.usatoday.com/story/money/business/2014/09/11/4-reasons-shoppers-will-shrug-
off-home-depot-hack/15460461/, 4 Reasons Shoppers Will Shrug Off Home Depot Hack,
written by Anne D'Innocenzio. I also searched Yahoo and found the following:
http://www.businessweek.com/articles/2014-09-02/home-depots-credit-card-breach-looks-
just-like-the-target-hack, Home Depots Suspected Breach Looks Just Like the Target Hack,
written by Dune Lawrence. For ease of use, the Bing search was much more user friendly and
produced quick results that could be readily accessed. While the Yahoo search engine
produced a fair amount of dead links that I was not able to access, especially those written by
their own staff writers. It seems that Yahoo should make its own content accessible at all
times, but this wasnt the case when I searched one week ago. These issues may have since
resolved themselves. Judging the two search engines, Bing was the preferred in this
assignment.
The Bloomberg Businessweek article written by Dune Lawrence was written on
September 2, 2014; this was the very same day that Home Depot became aware of the breach.
The author has written several more articles updating recent discoveries. To date (9/18/2014),
she has written three more articles. This article is relevant to this previous one written by Jose
Pagliery and even delves deeper by informing about the group responsible for the breach.
Lawrence notes they operate a website, rescator.cc, that sells the stolen card data. Also, the
author reveals the possible motive, stating that it could be retribution for penalties imposed
on Russia in reaction to its actions in Ukraine (Lawrence).
Dune Lawrence is a staff writer for Bloomberg Businessweek with a vast repertoire.
However, she has drawn some scrutiny from the Asian community as a racist, due in part to
Assignment #1 Information Literacy
Yolanda Wilkins
3

several disparaging articles written about China. In spite of this, the author has written about
privacy and security extensively for Bloomberg Businessweek and is appropriately qualified as
its investigative reporter. Further evidence can be found in an updated Q & A for the site,
where the author explains to writer Lauren Meller that she joined Bloomberg Businessweeks
Projects and Investigations team back in 2009 and that much of her contributions center on
hacking and cybersecurity (Meller). The information in the article is quite accurate and has
been discussed in several national (USA Today, CNET, et al) and local media outlets (The
Baltimore Sun, The Washington Post, et al). As the investigation carries on, the full scope of
this breach is becoming clearer, thus the story continues to test the initial articles that were
written at the start. Lawrence surmises in another piece that Home Depot had significant
warning signs that were systematically ignored that could have spared consumers personal
data. For instance, in this piece for Bloomberg Businessweek titled Home Depot Hacked After
Months of Security Warnings, the author states Home Depot was using old antivirus software
in their stores, and cites other issues that turned out to be major oversights in the end (Elgin,
Riley, and Lawrence). With so much public scrutiny on the issue, very little has been contested
to date. It appears many former managers, employees and spokespeople decline to comment
on very serious inquiries, this can be viewed as an indicator that there is a lot of truth behind
the accusations. This article was written to inform the consumer and offer warning if they had
shopped with the retailer in recent months. There was positively no bias, the author meant no
malice toward Home Depot whatsoever and its material is completely objective. The author
simply seeks to inform the public and says nothing disparaging about the retailer.
Assignment #1 Information Literacy
Yolanda Wilkins
4

In searching the CCBC Library database for similar articles, I used keywords like Home
Depot, computer, and hack. I found two articles in the process using the ProQuest search
tool. I used this tool because it was rated as one of the top five on the CCBC Library site. The
two articles I chose were as follows:
1. New Details Home Depot Breach: Home Depot Hack Hits 56M Credit Cards
Compromised; Company Says New Security Will Stop Thieves, by Leon Stafford
2. Home Depot confirms 56 Million Cards Hit By Hack, by Gizmodo, Gizmodo Blog
Both articles deliver the same message with varying levels of depth. The first of the two articles
was written by business staff writer for the Atlanta Journal-Constitution, Leon Stafford and the
second was written by an unnamed staffer with Gizmodo blog. Stafford delivers his message
through the hometown paper The Atlanta Journal-Constitution, so those local to the area or
with access to the internet can locate this information very easily. The other article was
published with no author through a design and technology blog page that may not be so readily
accessible if one wasnt familiar with it prior. The site appears to be more tech-centered with
content geared toward those who have more knowledge about technology than the average.
The hometown paper seems to deliver an in-depth approach to the technological information
leading to the breach. It notes that it was caused by malware, it mentions the use of an
encryption system to protect customer information, and discusses Home Depots efforts to
monitor customers credit information. All these topics were discussed in the Gizmodo article,
but to a lesser degree and with other details missing. I expected the tech blog to offer more
detail, especially since this was a cybersecurity issue but they instead took a more laymans
approach. Author Leon Stafford seems to be the authority in this particular analysis, as he does
Assignment #1 Information Literacy
Yolanda Wilkins
5

specifically write in an investigative scope for the newspaper as their business writer. Also he
has been a writer for at least twenty-five years. The author of the Gizmodo article is unknown
and the authority of his or her statements cannot be tested. Notably, both articles were
written within two weeks of the breach breaking to the public, so they are both considered
timely, especially considering that new information is being revealed each day.
Home Depot has received a tremendous amount of attention and scrutiny as a result of
the security breach. The articles mentioned show a mere snapshot of that. Though Home
Depot is regretful for this circumstance and is even offering assistance to its affect customers,
they recognize they will recover from this issue. As the retailer is one of few options available
in this market. Lowes and Ace Hardware are its main competitors. The company has even
boasted increases in revenue over the past six-months and no doubt has some of the most loyal
customers, namely their professional and contractor services. These professionals make up
37% of their sales shopping several times per week (DInnocenzio). Home Depot is likely to
keep its market share and rebound from this breach in due time. The public will still be holding
them accountable, of course, but they will still be shopping their stores.
This assignment used the MLA format.






Assignment #1 Information Literacy
Yolanda Wilkins
6

Bibliography:
Pagliery, Jose. "Home Depot Confirms Hack, Maybe since April."CNNMoney. Cable News
Network, 08 Sept. 2014. Web. 21 Sept. 2014.
Press, Anne D'Innocenzio The Associated. "4 Reasons Shoppers Will Shrug off Home Depot
Hack."USA Today. Gannett, 11 Sept. 2014. Web. 21 Sept. 2014.
Lawrence, Dune. "Home Depot's Suspected Breach Looks Just Like the Target Hack."Bloomberg
Businessweek. Bloomberg, 02 Sept. 2014. Web. 21 Sept. 2014.
Meller, Lauren. "Q&A With Bloomberg Reporter Dune Lawrence | Bloomberg Content
Service."Bloomberg.com. Bloomberg, n.d. Web. 21 Sept. 2014.
Elgin, Ben, Michael Riley, and Dune Lawrence. "Home Depot Hacked After Months of Security
Warnings."Bloomberg Business Week. Bloomberg, 18 Sept. 2014. Web. 21 Sept. 2014.
Home Depot Confirms 56 Million Cards Hit by Hack. Chatham: Newstex, 2014. ProQuest.
Web. 21 Sep. 2014.
Stafford, Leon. "NEW DETAILS HOME DEPOT BREACH: Home Depot Hack Hits 56M: Credit Cards
Compromised; Company Says New Security Will Stop Thieves."The Atlanta Journal -
ConstitutionSep 19 2014. ProQuest. Web. 21 Sep. 2014.