Wednesday, November 25, 2020
On November 24, 2020, a multistate coalition of Attorneys Common introduced that The Residence Depot, Inc. (“Residence Depot”) agreed to pay $17.5 million and implement a collection of knowledge safety practices in response to a knowledge breach the corporate skilled in 2014. The $17.5 million fee can be divided among the many 46 taking part states and the District of Colombia. We beforehand reported on a settlement Residence Depot reached in 2017 to resolve a putative class motion introduced by monetary establishments impacted by the 2014 knowledge breach.
The 2014 breach occurred when unauthorized events gained entry to Residence Depot’s community and put in malware on the corporate’s self-checkout point-of-sale system, permitting the attackers to acquire fee card info from prospects who used self-checkout registers in Residence Depot shops between April 10, 2014 and September 13, 2014. Roughly 56 million fee card numbers have been compromised, and the stolen info was used to conduct fraudulent transactions. Residence Depot publicly disclosed the breach in September 2014.
Along with the $17.5 million settlement, Residence Depot agreed to implement varied knowledge safety measures, together with:
using a professional chief info safety officer who will report back to each senior or C-suite executives and the board of administrators concerning Residence Depot’s safety posture and recognized safety dangers;
guaranteeing the corporate allocates acceptable assets to implement and keep its info safety program;
offering acceptable safety consciousness and privateness coaching to all personnel who’ve entry to the corporate’s community or who’re in any other case accountable for processing U.S. customers’ private info;
using particular info safety safeguards with respect to logging and monitoring, entry controls, password administration, two-factor authentication, file integrity monitoring, firewalls, encryption, danger assessments, penetration testing, intrusion detection and vendor administration; and
present process an evaluation that can consider, partly, Residence Depot’s implementation of the knowledge safety program and controls described above.
Copyright © 2020, Hunton Andrews Kurth LLP. All Rights Reserved.Nationwide Legislation Assessment, Quantity X, Quantity 330