Home Depot (NYSE: HD) could be the most recent retailer attacked by hackers. According to Krebs on Security, the security related blog, the breach may have compromised a large number of customers, estimated to be millions.

Home Depot retails construction and home improvement products. It operates a number of stores scattered all over the US and present in 10 Canadian provinces. It is headquartered at Atlanta Store Support Center, Greater Atlanta.

Ongoing investigation

The home improvement company confirmed to the media on September 2 that it is cooperating with banks as well as law enforcement officials with the intention of investigating what Home Depot terms as “unusual activity.” This came after Brian Krebs in his blog reported of a number of banks seeing evidence which may indicate that hackers have stolen data related to customers from the Home Depot company. Krebs has also reported that a large quantity of debit and credit card data seemed to be put up for sale on black market websites.

Krebs was formerly employed as an investigative reporter in The Washington Post. He is responsible for reporting the number of scoops-including the huge breach of data in Target (NYSE: TGT) that occurred in 2013.

Bigger than anticipated breach

According to Krebs, a number of banks are of the belief that the breach could well go much more to the past-even to early days of May 2014 or even April. This means that the hack could be much bigger than the breach that had attacked Target previously in December, resulting in compromise of the security of a massive 40 million cards.

Paula Drake, a spokeswoman for Home Depot, in her statement, assured the general public that the company is very serious about protecting information about its customers. She added that the company is actively collating facts and at the same time fully working to protect its customers. If the company confirms there is a breach, then it will notify the affected customers immediately.

Krebs has blamed Ukrainian and Russian hackers for the attack. He reported that a number of cards were put up for sale on September 2 on a website linked with the Lampeduza Republic. The Republic is a black market site peddling in stolen cards. In this case, the cards were marketed under “American Sanctions” and “European Sanctions.” It is apparent that the stolen cards were hawked as a revenge action against sanctions imposed by Western nations on Russia. The sanctions were placed due to Russia’s aggressive action against Ukraine.