Home Depot has confirmed that a third-party company accidentally exposed some of its employees' personal details – after a criminal copied the data online.
Home Depot confirms employee data breach
In a statement to The Register, Home Depot spokesperson Beth Marlowe said: "A third-party SaaS provider inadvertently made public a small sample of Home Depot employees' names, work email addresses and user IDs while testing their systems."
Marlowe declined to say how many employees were affected, name the third-party vendor or answer our additional questions about the data theft. To us, it appears that someone saw the sample on the public internet, made a copy of it, and leaked some or all of it on the dark web.
The retailer's disclosure comes after a crook who goes by the name IntelBroker shared the information on BreachForums. On Friday, they claimed to have made available a Home Depot database containing company information belonging to 10,000 employees from an attack this month.