SACRAMENTO (CBS SF) – Attorney General Xavier Becerra on Tuesday announced a multistate $17.5 million settlement with The Home Depot, six years after a massive data breach impacted tens of millions of customers.
According to Becerra’s office, California will receive $1.8 million, which includes terms that will require the home improvement retailer to improve data security.READ MORE: Red Flag Warning Elevates Wildfire Fears Among Bay Area Residents
“Every company like Home Depot that collects confidential personal data must put its house in order and provide reasonable data security,” Becerra said in a statement. “As today’s settlement makes clear, companies that don’t adequately secure data face serious consequences.”READ MORE: One Dead, Three Wounded In Early Sunday Morning Shooting In Oakland's Uptown Neighborhood
The data breach took place in 2014 when attackers used stolen credentials to access the retailer’s network and installed malware on point-of-sale devices at stores. Credit and debit card information from nearly 40 million customers was compromised.
Under the terms of the settlement, Home Depot must comply with “robust data security improvements,” provide security awareness and privacy training to all employees who have responsibility over consumer data or the company’s network. The retailer said it would also tighten policies and procedures on payment card security.MORE NEWS: VIDEO: Smash-and-Grab Suspects Arrested In Brazen Serramonte Center Jewelry Store Robbery
California joins the settlement with attorneys general in 45 other states and the District of Columbia.