On Thursday, April 4, an entity identified as IntelBroker disclosed personal data concerning 10,000 Home Depot employees on a dark web hacking forum.
Five days following the breach, Home Depot issued a statement shedding light on the incident.
Here’s what we know so far.
How did the Home Depot data leak happen?
In a media statement, Home Depot spokesperson Beth Marlowe revealed, “A third-party SaaS vendor inadvertently exposed a small subset of Home Depot associates’ names, work email addresses, and User IDs during their system testing.”
Essentially, this data breach didn’t stem from a direct cyber-attack on Home Depot’s systems. Instead, it arose from a misconfiguration by a third-party software provider—whose identity is currently unknown.
The misconfiguration left a batch of sensitive information accessible to the public, thereby making it searchable online.
The individual known as IntelBroker then discovered this data and subsequently shared it on a platform named BreachForums, stating, “Today, I have uploaded the Homedepot.com database for you to download, thanks for reading and enjoy!”
While there’s no indication that this breach impacted customer data, the stolen employee details could serve as a foundation for phishing attempts on Home Depot employees, which could lead to unauthorized access to more critical corporate systems.
Lessons learned
The data breach underscores the importance of bolstering supply chain security. As the saying goes, “you’re only as strong as your weakest link.”
Even if you’ve got an excellent approach to cybersecurity and compliance, vulnerabilities, and human error on the side of one of your suppliers can wreak havoc, as was the case here.
To help organizations bolster supply chain security, we’ve written detailed guidance on preventing third-party data breaches here.