Breach, Data Security, Patch/Configuration Management, Vulnerability Management

Windows vulnerability identified as root cause in Home Depot breach

Share

In a detailed account of Home Depot's breach, The Wall Street Journal  disclosed that the compromised credit cards and emails could have been stolen as a result of a Windows vulnerability in the retailer's main network.

Attackers reportedly gained credentials from a third-party vendor and then navigated through the vendor's system and Home Depot's secure network by exploiting the vulnerability.

Microsoft issued a fix for the security lapse after the breach had already begun, and the retailer installed it, however at that point, it was too late.

The article went on to say that a company IT employee purchased two dozen secure iPhones and MacBooks for senior executives after news of the breach broke.

The new devices were reportedly identified as “bat phones,” which some news sites have interpreted as a loss of trust in the retailer's Microsoft-based systems.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.