The Home Depot says its investigation into the breach began on September 2nd, the same day that reports surfaced that said the retailer was the next in a string of large companies to be targeted by hackers. The hardware giant is focusing its investigation from April onwards, suggesting that the hackers behind the breach were able to skim customer data from the stores' payment systems for up to five months without being detected. The company is yet to say specifically that credit card details were stolen, but the measures it has offered to affected customers suggests that's the case. Those who shopped at Home Depot stores in North America have been offered credit monitoring and ID protection services for free by the company, and Frank Blake, The Home Depot chairman and CEO, said customers would not be responsible for any fraudulent charges to their accounts.

The implication of the breach is yet to be confirmed, but Home Depot says there's no evidence that credit and debit card PINs were stolen. The scale of the breach is also still unclear, but it could affect more people than any previous attack. US retailer Target was the victim of a similar attack last year which made credit card details for 40 million people available to hackers. Target has 1,800 branches across the US; Home Depot has 2,200.