Sure enough, Home Depot has just confirmed the scale of the breach. All in all, as many as 56 million payment cards were potentially exposed.
For comparison (though comparison seems a bit ludicrous when you’re dealing with numbers in the tens of millions), the Target hack exposed an estimated 40 million cards.
If there’s a bright side, it’s that Home Depot says it “confirmed that the malware used in [the breach] has been eliminated.” Curiously, they don’t give an exact date as to when it was eliminated — just that it was nixed sometime in September. So if you used your card at a Home Depot after word of the breach got out, it’s hard to say whether or not your card data was exposed.
Also curious: Home Depot claims its investigators have determined that the malware used for this breach was something previously unseen, contrary to rumors that it was the same hack used to infiltrate Target’s machines.