Home Depot

In the latest settlement of legal claims arising out of a massive 2014 data breach at Home Depot, the retailer has agreed to pay $27.25 million to affected financial institutions.

Banks that file valid claims will get a “fixed payment award” of about $2 per compromised payment card without having to prove their losses, even if they have received compensation from another source.

Those that can prove their losses may get an additional “documented damages award” of up to 60% of their uncompensated costs, according to the settlement documents.

“Credit unions and their members have unfortunately borne the brunt of lax merchant data security standards,” Jim Nussle, chief executive of the Credit Union National Association, said in a news release. “This settlement would be a step toward making them whole again.”

Home Depot disclosed in September 2014 that hackers stole payment card data from customers who made purchases at self-checkout terminals between April 10, 2014, and Sept. 13, 2014. The hackers also stole a separate file of customer email addresses.

In addition to the class action settlement announced this week, Home Depot has paid at least $134.5 million in compensation to consortia made up of Visa, MasterCard, and various banks. Consumers last year received a $19 million settlement that included a $13 million cash fund as well as $6 million in credit monitoring services.

“The discrepancy between the payments to consumers and banks arises because the latter can show clear damages from the breach, such as fraudulent transactions and lost credit card fees,” Fortune explained. “Consumers, on the other hand, were made good for any unauthorized purchases.”

For Home Depot, the cost of the breach is at least $179 million, according to court documents. “The final total, though, is likely to be much higher because of legal fees and any other undisclosed payouts,” Fortune said.

As part of the latest settlement, Home Depot also agreed to track and manage its data security risk assessments using a risk-exception process, conduct annual reviews of service providers and vendors that have access to payment card information, and create a security-control framework.

, , , , , , ,

One response to “Home Depot to Pay $27M Over Data Breach”

  1. Home Depot is getting away cheap. H/D exposing your full c/c info to all employees as far back, In my case 2005. Wi. Fed case Home Depot- Parent.and again in Janaury 30, 2015 in Round Rock Texas. Stole36,000 Credit Card numbers, and sold them on line, for 60 cents each. He got the numbers and put them on a thumb drive,and sold them for 60 cents each.I lost my case and the ceo’s new the truth.and it cost me everything.over 180,000. I will never be able to stop working. Thanks H/D,for not giving a _€’,~<} All I asked was to show the ceo's what happend.But they will not give me the time.

Leave a Reply

Your email address will not be published. Required fields are marked *