Home Depot's security breach that left 56 million credit card numbers and 53 million customer email addresses vulnerable was blamed by a Windows vulnerability. When executives at the home improvement retailer learned of cause of the breach, those executives were quickly given replacement MacBook laptops and iPhones
According to a report on the WSJ, hackers gained access via a Windows vulnerability, allowing them to target 7,500 self checkout terminals:
Once inside Home Depot's systems after gaining credentials from the outside vendor, the hackers were able to jump the barriers between a peripheral third-party vendor system and the company's more secure main computer network by exploiting a vulnerability in Microsoft Corp. 's Windows operating system, the people briefed on the investigation said.
The vulnerability had since been patched by Microsoft, but still came too late.
As Home Depot was investigating the breach, their IT team bought senior executives iPhones and MacBooks:
Four days after the company had been alerted, Home Depot's investigators discovered evidence that malware had been deleted from a store computer. The company was able to confirm a breach, but it couldn't be sure its critical business information was out of danger. An IT employee bought two dozen new, secure iPhones and MacBooks for senior executives, who referred to their new devices as "Bat phones."