The information thefts, which affected some 300 employees at the hardware and home improvement chain, were initially detected last fall and those employees whose files were compromised were notified of the breach.
Home Depot was tipped to the scam after one of the three employees was caught using her Home Depot e-mail to send the stolen information — including Social Security numbers and birthdates — to her alleged co-conspirators, one of whom is her daughter.
“Our corporate security, IT security and legal teams quickly investigated the matter and notified law enforcement, and the three associates were subsequently arrested,” said the Depot’s Director of Corporate Communications.
The 300 employees listed in the e-mail were contacted and offered free credit monitoring, but the retailer admits the possiblity that other employees may have been affected.
“Out of an abundance of caution and looking at the universe of those whose information might have been exposed – which we believe is between 10 and 20 thousand – we’ll notify others as needed,” the company rep, who adds that no customer information was compromised, as these “rogue” employees did not have access to that data.