So I get this from my Bank last Friday.
Information Regarding the Home Depot Data Breach
If you shopped at a U.S. Home Depot store between April to August 2014, and you are receiving this eMail, your Discover® debit card could be at risk. It is important that you replace your card immediately. Don't wait, you may replace your card at any of the following instant issue locations.

Yes I was potentially one of the people who got hacked, so I go to my bank on Saturday. The Customer service was great, they had a new card for me in minutes, let me choose my own PIN number and gave me a brief explanation of what happened, how it happened and what to watch out for in the future.

But now I see this.
http://www.huffingtonpost.com/2014/09/18/home-depot-hack_n_5845378.html

The Home Depot said Thursday that about 56 million customer debit and credit cards were put at risk after hackers broke into the company's payment systems.

In a statement, the home improvement retailer said the malicious software used in the attack had been removed from its computer system in the United States and Canada and that the company had enhanced encryption at point-of-sale terminals at its U.S. stores.

Now some questions for the Brain Trust here:

The Customer Service Rep at my Bank explained to me that most of the fraudulent transactions they were seeing were out of grocery stores in Florida.

1) Why Florida?

2) Why in the world did none of the guys I work with get a notice from their Banks?

3) Who pays for this in the end? I am sure the loss will be amazing before this is over.

4) I returned 50' of Copper tubing to Home Depot the day before I got this notice and they refuse to refund me cash for a Debit Card transaction. Why doesn't Home Depot limit exposure to fraud and just give you your return in cash?

Old people have learned to use computers!

I believe Target is also wrapped up in this as well.

The Target incident was a while ago unless they've had another.

Response from the banks varies. We had a local grocery store chain that was hit. We had shopped there in the time frame. Within a week of it happening, US Bank notified us by mail and included a new card to replace the affected one and instructions for deactivating the old and activating the new. Not every bank did that. No fraudulent transactions ever occurred.

We did have a fraud happen a few years ago when we were in the hospital for the birth of our first. US Bank called me and asked if I was traveling. I explained where we were and the rep said, "That's what we thought. There were two transactions at a WalMart in Atlanta. We blocked the second and will refund the first. Watch the mail for a new card next week."

Thieves will generate random numbers on a card and try it out. The first purchase went through for about $30. They immediately attempted a $600 purchase at the same store. Two transactions at the same location for such varied amount throws a red flag in their system.

US Bank refunded us the $30 but I believe this will vary from bank to bank as far as the policies on fraud protection.



Sent from my Nexus 4 using Tapatalk

Surprisingly I got another notice from my Bank this morning, this time from snail mail.
It gave very specific instructions along with warnings and reassurances that they were monitoring our accounts.
They gave me 1.5% on a used car loan recently too, I think I like these folks.

If I had to guess the processing center that Home Depot subcontracts to is out of Fla. Or retired people are sick of their SS handouts and bought a bunch of fake cards.

There are way too many middle men involved in your transactions. In this day and age of connectedness why doesn't the swipe go straight to Citibank or Amex or whoever is beyond me.

I never use debit cards. Quite simply it is absolutely not worth the risk, regardless of any promises or protections.

The information was stolen, likely by some group in Eastern Europe and then sold to thieves in FL.

Surprisingly I got another notice from my Bank this morning, this time from snail mail.
It gave very specific instructions along with warnings and reassurances that they were monitoring our accounts.


This is standard practices for banks. Customers who've had their accounts hacked get these kind of notices.

Sam, I'm sure that is S.O.P., but I'm certainly pleased with the double warning and the custome service.
I was rather surprised when I talked to guys at work who have different Banks and still haven't gotten a notice.
These folks just seem to be on the ball, especially for a small and local Bank.