Home Depot may be the latest retailer to have suffered a massive credit card breach, the company confirmed on Tuesday, after a website reported that a large cache of stolen data had appeared on black market sites.
According to information first reported by Krebs on Security, the breach may have extended as far back as the spring of this year. If so, the fallout may end up being far larger than Target‘s incident late last year, when information pertaining to tens of millions of customers was compromised.
Home Depot is working with investigators to determine the origin of “unusual activity,” a spokeswoman told CNBC in a statement.
“Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers,” she added, but declined to provide further information.
Amid a rash of identity thefts that have laid claim to banks and retailers in recent months, Krebs on Security reported that the breach bore similar hallmarks to groups that hit P.F. Chang’s, as well as Target and others.
Privately, according to reports, officials suspect the hackers are of either Russian or Ukrainian origin. Hackers from those countries are also widely suspected as having orchestrated a recent attack on the Nasdaq Stock Market.
In Target’s case, the breach affected as many as 70 million of its consumers, costing the company upwards of $100 million in charges, as well as lost customer traffic. Not long after the retail giant disclosed its breach, high-end retailer Neiman Marcus reported that it too had fallen prey to cyberattacks.
Read More Target cuts full-year profit forecasts
Krebs added that the breach may have taken place across all of Home Depot’s U.S. stores.
Home Depot’s stock, traded on the New York Stock Exchange, tumbled by more than 2 percent intraday on Tuesday.