The home improvement chain also said the malware responsible for the breach has been removed from all stores.
Symantec says attacks against retailers have increased over the past two years.
Criminals and spies seeking insider financial information, customer account data or other company secrets have increased their digital attacks against retailers, suggests a report released today from Symantec Corp., a security software provider that is No. 33 in the Internet Retailer Top 500 Guide.
What the vendor calls targeted attacks against the retail sector recently have increased enough that they account for approximately 25% of all such attacks, up from the 0.5% average over the past two years. The most recent attacks concentrated on six retailers that Symantec did not name, with 63% of attacks aimed at one retail company.
Attacks take various forms, from e-mails that imitate messages from a company’s senior executive for human relations that was said to contain confidential salary information and contained an attachment with a malicious computer code, to more generalized attacks on web sites, which criminals attempt to infect with malware, Symantec says.
“It is difficult to ascertain the motivations behind every attack,” says a Symantec spokeswoman. “But insider knowledge can be very valuable on the black markets. These companies may have overseas interests that are creating competition in other markets, and their competitors may have an interest in obtaining confidential data. It may be cyber-criminals seeking access to customer account information or credit card records.”