In an official statement on September 18, 2014, Home Depot stated that an estimated 56 million credit and debit cards were exposed during a five-month-long attack on its payment terminals. As reported by the New York Times on September 19, 2014, in "Ex-Employees Left Home Depot Data Vulnerable,"former employees of Home Depot who have asked to remain anonymous have alleged that the retailer' network was protected with outdated software, and that some cyber security team members left after managers allegedly dismissed their concerns. In the same article, the New York Times also stated that the breach may result in up to $3 billion in fraudulent charges.
The Home Depot data breach class action lawsuit is entitled Earls v. The Home Depot Inc., No. 3:14-cv-4315, and is currently pending in U.S. District Court for the Northern District of California.
Plaintiffs are represented by Girard Gibbs LLP.