Security News > 2020 > November > Home Depot Agrees to $17.5 Million Settlement With States Over 2014 Data Breach
Home Depot has agreed to shell out $17.5 million under a settlement with the attorney generals of 46 states and the District of Columbia over the massive data breach suffered by the home improvement retailer in 2014, when cybercriminals managed to steal email addresses and payment card data belonging to more than 40 million customers in the United States.
Consistent with previous state data breach settlements, undergo a post settlement information security assessment which in part will evaluate its implementation of the agreed upon information security program.
"This settlement ensures Home Depot complies with our state's strong data security law and requires the company to take steps to protect consumer information from illegal use or disclosure."
In March 2017, Home Depot agreed to pay $25 million to the financial institutions affected by the data breach, and reportedly paid out more than $134 million to Visa, MasterCard and other financial organizations.
Overall, the data breach has cost Home Depot upwards of $200 million, according to SecurityWeek's calculations.
News URL
Related news
- StreamElements discloses third-party data breach after hacker leaks data (source)
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Food giant WK Kellogg discloses data breach linked to Clop ransomware (source)
- The quiet data breach hiding in AI workflows (source)
- Hertz confirms customer info, drivers' licenses stolen in data breach (source)
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected (source)
- Landmark Admin data breach impact now reaches 1.6 million people (source)
- Entertainment services giant Legends International discloses data breach (source)
- 2025 Data Breach Investigations Report: Third-party breaches double (source)
- Yale New Haven Health data breach affects 5.5 million patients (source)