American credit-card holders aren’t the only ones who have seen fraud surface on their accounts following a North American-wide breach of customer information at Home Depot Inc.
Conan Davis of Mission, B.C., was notified by an email alert from American Express Canada in early September that an online purchase using his card number, name and expiration date had been made.
A $300 purchase went through, but raised red flags at Amex Canada, who notified Davis.
“I was racking my brain about which sites could of possibly been breached,” said Davis, who shops regularly online. After Home Depot disclosed the breach, it hit him: “I used Home Depot quite a bit.”
Davis made about $2,000 in purchases on the pin-protected card at the home improvement store over the summer as he re-floored his home.
Home Depot is now paying $15.95 a month for credit monitoring services for the B.C. resident, a service it says it will provide to any potentially affected Canadian consumer who shopped at the chain between April and this month and used a credit card.
Though reports suggest the majority of the fraud is being attempted in the United States, Davis appears to be far from alone in Canada in the wake of what’s become one of the biggest data breaches at a retailer to date.
Even before Home Depot disclosed on Sept. 8 that its North American network of more than 2,200 stores (188 in Canada) had its in-store payment systems compromised by criminal hackers, Canadian banks and credit card providers were moving to block potentially fraudulent transactions.
The breach was first made public on Sept. 2 by cyber-security blogger Brian Krebs, the same person who broke the hacking of Target Corp. in the United States in late 2013.
“We actively monitor accounts for fraud, and if we see unusual activity which may be fraud, our standard practice is to immediately contact our cardmembers,” said American Express Canada in an email statement and notice about the Home Depot breach on its website.
Home Depot said last week as many as 56 million North American card-holders have been exposed to potential fraud.
The chain said it has eliminated the illegal software from its Canadian stores and is putting in place another layer of security on in-store payments that will be finished by early 2015.
A spokesperson for TD Bank, which manages its own credit cards as well MBNA brand cards, told Global News it’s been proactively cancelling cards.
“We are reissuing cards for customers we believe may have been impacted, and evaluating further action,” said Alicia Johnston, a spokesperson for TD Bank.
MasterCard Canada and Visa said last week both have been combing their Canadian customer bases since being notified of the breach, alerting partner banks about specific accounts to be watchful of.
The credit card companies declined to comment about how many Canadian accounts had been identified.
“If a customer is concerned regarding their card, they should immediately call the number on the back of their card or visit a branch for a new card if they suspect fraud,” TD’s Johnston said in an email message.
WATCH: Home Depot is investigating a major cyber-security breach. Mike Drolet has the details.