The security breach of Home Depot over 18 months ago ended up being a huge embarrassment for the home improvement retailer and is now finally going to bring to a close the matter.
The giant in retail do it yourself home improvement said on Tuesday that it has agreed to pay $19.5 million to customers in compensation for being caught up in the hack, where cyber attackers stole information of credit and debit card holders and email addresses for millions of shoppers at the retailer.
If the offer by Home Depot is approved by the courts, this settlement would cover up to 60 class-action suits that have been proposed that had resulted from the Home Depot breach. Home Depot had denied they did any wrongdoing or any liability.
This agreement includes a launching of a fund in the amount of $13 million to reimburse customers of Home Depot for losses, which includes legal fees incurred due to the hack. The retailer will pay for 18 months longer for protection services for cardholders, which will cost over $6.5 million.
A spokesperson for Home Depot said the company wanted to put its litigation behind them and this turned out to be the quickest path to doing so.
The breach took place during a period from April through September of 2014 and saw hackers rip off payment card data that belonged to over 40 million shoppers at Home Depot and a database with as many as 53 million email addresses of customers.
Home Depot indicated at that time the hackers accessed its network of computers through a third part vendor’s username giving them high rights of access to the network of Home Depot and were able to deploy malware that was custom built on the systems of self-checkout in the United States and Canada.
The hack took place alongside similar incidents that were high-profile and took place only a couple of months after the huge breach that hit Target.