Home Depot this afternoon confirmed what speculation had already pegged as the largest payment card data breach in history, with up to 56 million payment cards compromised.
In a press release (PDF) the company confirmed in the headline and first paragraph that the "malware elimination has been completed" and in the seventh paragraph that up to 56 million cards were affected, and that the malware was "believed to have been present between April and September" of this year.
Chase said yesterday that it has replaced some credit cards as a result of the Home Depot breach (it also did so after the Target breach), and other banks will likely follow suit.
As a retailer, it can be hard to get in touch with consumers to let them know to be vigilant, so anyone who shopped at Home Depot during this April to September period should read their statements especially carefully.
Merchants have already started to feel the fraud effects of so many cards and identities on the black market. As we reported yesterday, Redbox Instant suspended new signups due to a high incidence of "carding" -- where thieves test the validity of cards using small transactions.
In its annual True Cost of Fraud presentation yesterday, Lexis Nexis also stated that the correlation between leaked personal and payment data and fraud is now rising: more hacked payment cards will mean a dramatic rise in fraud attempts.
Time for ecommerce retailers to get updated antifraud solutions...