The target: Home Depot, an American home improvement retailer.
The take: 53 million e-mail addresses and 56 million credit and debit accounts.
The attack vector: Beginning in April 2014 and lasting several months, attackers used compromised credentials belonging to a third-party vendor to initially breach Home Depot’s network. Once inside, they exploited unpatched Windows vulnerabilities and installed malware on self-checkout registers to skim customer information.