The theft of credit card information from Home Depot by hackers earlier this year could affect up to 60 million customers and lead to as much as $3 billion in bogus purchases, a major credit protection firm says.
Earlier this month, the home improvement retailer said its networks were accessed by unknown hackers for an unknown amount of time earlier this year. Home Depot has confirmed that all of the chain's 2,200 stores in the U.S. and Canada may have been hit, but so far the chain has declined to reveal how big the breach was.
- Home Depot hack: What do you do if your card was breached
- Canadians could be affected by Home Depot security breach
After looking at more than a dozen similar breaches this year and assessing what happened in those instances, credit protection firm BillGuard says millions of people could be affected by the breach that will likely lead to billions of dollars in bogus charges.
"We believe that approximately 60 million accounts were exposed in the Home Depot breach, and estimate that $2-3 billion in fraud is likely to strike these compromised accounts overall," the company said in a post on its website last week.
Not all of those 60 million cardholders will necessarily see bogus charges, however. Only about 10 to 15 per cent of them are likely to see any fraudulent activity, BillGuard says, with an average cost expected to be around $332 each.
"BillGuard users are reporting fraudulent charges from a variety of sources, both online and brick-and-mortar," the company says. "Charges range from the five dollar range to tens of thousands of dollars. Some report a single fraudulent charge at one merchant, while others were hit by multiple charges from multiple merchants."
Home Depot is offering identity protection services, including credit monitoring, to any customer who has shopped at a Home Depot store in 2014, from April onward. But cybersecurity experts advise customers to keep a keen eye on their credit card activity history and watch out for any curious transactions.