D.C. Secures $85K Over Home Depot Data Breach


Last month, our office, along with 45 state Attorneys General obtained a $17.5 million settlement—which provides $85,000 to the District—against The Home Depot over a 2014 data breach exposing the payment card information of nearly 40 million of its customers nationwide.

The breach occurred when hackers gained access to The Home Depot’s network and deployed malware on The Home Depot’s self-checkout point-of-sale system. This allowed the hackers to obtain the payment card information of customers who used self-checkout lanes at The Home Depot stores throughout the U.S. between April 10, 2014 and Sept 13, 2014.

In addition to the $85,000 settlement payment to the District, The Home Depot will implement and maintain data security practices to strengthen its information security program and safeguard the personal information of consumers. The company is also required to undergo a post-settlement assessment within one year to evaluate its progress in implementing these information security measures.

The Office of the Attorney General works to educate District residents about their consumer rights, responds to individual consumer complaints, and takes appropriate law enforcement action when possible. Learn more about your rights and how to protect yourself against scams at oag.dc.gov/ConsumerProtection.