HD A.I CyberSecurity Scoring
HD
Company Information
Website:http://www.careers.homedepot.com
Employees number:129,302
Number of followers:1,055,969
NAICS:43
Industry Type:Retail
Homepage:homedepot.com
HD Risk Score (AI oriented)
Between 800 and 849
HDRetail
Updated:
28/06/2026
28/06/2026
805/1000
Good
A
HD Global Score (TPRM)
xxxx
HDRetail
Score locked

HDGood
Current Score
805A (GOOD)
01000
6 incidents
-15 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
806
JUNE 2026
805
MAY 2026
802
APRIL 2026
803
MARCH 2026
803
FEBRUARY 2026
803
JANUARY 2026
803
DECEMBER 2025
824
Breach
13 Dec 2025 • HD
The Home Depot: Leaked Home Depot credential exposed internal systems for a year
Home Depot Credential Leak
801
LOW-23
THE1765591280
Home Depot Ignored Security Researcher’s Warning About Exposed Credential
Security researcher Vinny Troia (operating under the alias "Zimmerman") disclosed that Home Depot failed to respond to multiple alerts about a publicly exposed credential, despite his history of reporting similar vulnerabilities to other companies. Troia, who has previously notified organizations about security risks, stated that Home Depot was the only company to ignore his warnings.
The exposed credential was removed from public view only after TechCrunch reached out to Home Depot last week. The incident highlights potential gaps in the company’s vulnerability disclosure process, though no details were provided on whether the credential was misused or the extent of its exposure. The case underscores the risks of unaddressed security alerts in enterprise environments.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2025
824
OCTOBER 2025
830
Cyber Attack
06 Oct 2025 • HD
Home Depot
Scattered Lapsus$ Hunters Data Leak Extortion Campaign Targeting Salesforce Customers
823
CRITICAL-7
THE5692256100625
Home Depot was listed among the 39 victims of the Scattered Lapsus$ Hunters cybercrime group, which breached corporate Salesforce instances via social engineering. The stolen data includes personal and contact information of customers, employees, and partners, with specific risks tied to a dedicated file containing government employees' details—names, email/postal addresses, and phone numbers. This exposure heightens risks of targeted phishing, fraud, and even political violence against individuals. The breach also involves sensitive data like account IDs, dates of birth, passport/Social Security numbers, and purchase histories, which could fuel identity theft or financial fraud. The group threatens to publicly leak the data unless a ransom is paid by October 10, 2025, leveraging pressure through a dark web leak site. Salesforce denies platform compromise but acknowledges extortion attempts linked to past incidents.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
SEPTEMBER 2025
830
AUGUST 2025
830
SEPTEMBER 2014
769
Breach
01 Sep 2014 • HD
Home Depot
Home Depot Data Breach
723
CRITICAL-46
THE500050824
In one of the most significant cybersecurity breaches impacting the retail sector, Home Depot faced a formidable cyber attack between April and September 2014. Using a third-party vendor's login credentials, attackers infiltrated Home Depot’s network, then deployed sophisticated malware designed to infect the retailer’s POS system, aiming to harvest customer payment information. This breach had a massive scope, affecting 52 million customers. It caused considerable financial and reputational damage to the company. Home Depot subsequently agreed to pay $17.5 million to settle claims across the country, linked to this incident. However, this sum was only a part of the overall financial impact on Home Depot, which incurred pretax expenses of $198 million related to the breach, its aftermath, and subsequent litigation by customers, payment card issuers, and financial institutions before reaching the settlement. This event underscores the critical importance of stringent cybersecurity measures and the potential consequences of vulnerabilities within third-party vendor systems.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JUNE 2014
797
Breach
16 Jun 2014 • HD
Home Depot
Home Depot Data Breach
766
CRITICAL-31
THE423051424
In 2014, Home Depot experienced a major security breach that compromised over 50 million credit cards. Cybercriminals exploited a third-party vendor’s credentials to access the network and install malware on point-of-sale systems. As customers swiped their credit cards at physical stores, their data was clandestinely captured by the attackers, posing serious privacy and financial risks.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
APRIL 2014
817
Breach
01 Apr 2014 • HD
The Home Depot, Inc.
Home Depot Data Breach
795
CRITICAL-22
THE527072725
The California Office of the Attorney General reported a data breach involving The Home Depot, Inc. on September 9, 2014. The breach potentially impacted customers using payment cards at Home Depot stores in the U.S. and Canada from April 2014 onward, involving payment card information including names, credit card numbers, and expiration dates. There is no evidence that debit PIN numbers were compromised.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
FEBRUARY 2014
853
Breach
10 Feb 2014 • HD
The Home Depot, Inc.
Data Breach at The Home Depot, Inc.
817
HIGH-36
THE1011072525
The California Office of the Attorney General reported a data breach incident involving The Home Depot, Inc. on February 10, 2014. The breach relates to unauthorized access by three HR associates to the personal information of current and former associates, potentially including names, contact information, social security numbers, and financial account numbers. However, the exact number of affected individuals and the breach date were not specified.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for HD ??
What was HD's A.I Rankiteo Cyber Score in June 2026 ??
What was HD's A.I Rankiteo Cyber Score in May 2026 ??
What was HD's A.I Rankiteo Cyber Score in April 2026 ??
What was HD's A.I Rankiteo Cyber Score in March 2026 ??
What was HD's A.I Rankiteo Cyber Score in February 2026 ??
What was HD's A.I Rankiteo Cyber Score in January 2026 ??
What was HD's A.I Rankiteo Cyber Score in December 2025 ??
What was HD's A.I Rankiteo Cyber Score in November 2025 ??
What was HD's A.I Rankiteo Cyber Score in October 2025 ??
What was HD's A.I Rankiteo Cyber Score in September 2025 ??
What was HD's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on HD's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with HD ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view HD's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?