Skip to main content
  1. Home
  2. Web
  3. News

Customer data and images leaked from Home Depot MyInstall complaint service

Jon Martindale
By

Home Depot has been storing mountains of customer data on a publicly accessible, unencrypted page, leaving many of them vulnerable to scams and identity theft, according to Consumerist. Worse yet, some of the files found on the page were even discoverable by search engines, making them even easier to find.

It is not uncommon to discover that a large corporate entity or organization is running a website with poor security, or even leaving customer information accessible to hackers. Home Depot’s latest debacle, might not affect a large number of people but it is still pretty egregious and shows there is a myriad of ways large companies can have weak security.

Recommended Videos

As many as 8,000 customers’ details were available in a publicly accessible Excel document, alongside many images of customers themselves and their products. Discovered by a concerned tipster and forwarded to Consumerist, the leak does not contain any financial information but there is still a lot of personal data up for grabs for anyone with an inquisitive mind.

The security flaw seems to stem from Home Depot’s MyInstall program, a service which helps customers communicate with installers. The recorded data is all related to complaints to do with the service, including logged names and addresses, the nature of the complaint and in some cases photos of the problem and the customers’ buying the product in question.

Home Depot’s response to a request for comment saw it remove the data immediately and claim that although it did not see the data as a high risk, it should not have been available as it was.

Although it is arguable that the data in this leak is not of the most sensitive type, it could easily be used as the foundation for a phishing scam. Likewise, social engineering becomes far easier with this sort of information.

As it stands, we do not know why this information was as publicly available as it was, but it is possible that it was the error of an employee at Home Depot, or possibly even someone acting maliciously. It may even be something as simple as Home Depot not investing in a robust software solution for its MyInstall program.

Home Depot says it has no plans to contact affected consumers, lest that invite a phishing scam, it is urging anyone that thinks they may be affected to contact its customer service number.

The concern now is that Home Depot is unlikely to be the only company operating companion services like this with lackluster security. Although far from the fault of consumers, security breaches like this go to show why you need to take your own security very seriously. Making sure you are not using weak passwords is an important first step.

This is not the first time Home Depot has been found with less-than-ideal digital security. It recently paid more than $20 million to settle a leak in 2014, which saw hackers steal the payment and personal information of millions of its customers.

Editors' Recommendations

Topics
Jon Martindale
Jon Martindale
Computing Coordinator
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
How to pin a website to the taskbar in Windows
A man sits, using a laptop running the Windows 11 operating system.

Windows includes many interesting tools, but if you’re like many people, more and more of your digital life is happening in your web browser and nowhere else. That being the case, you’ll want to keep your most important websites close at hand. The easiest way to access them in Windows is the Start menu and the taskbar, treating them more or less like programs in and of themselves.

Although easy overall, getting a website from your browser to your taskbar is slightly different depending on which browser you’re using.

Read more
Amazon’s Big Spring sale: Save on TVs, laptops, appliances, and more
Amazon Big Spring sale promo image

Deal hunter or not, you'll be pleased to know that Amazon's Big Spring sale is officially underway. It's your opportunity to save on a slew of buzzworthy deals, including TVs, laptops, appliances, various electronics, and much more. It shows that you don't always have to wait for Amazon's Prime Day to capitalize on fantastic discounts. If you've been holding off on buying something, hoping for a great deal, now's the time to pull the trigger. Because the sale is so massive, we've gathered a few of our top picks below. However, we still recommend browsing the sale to see what you can find.

 
What to shop in the Amazon Big Spring sale
For starters, if you want a new tablet, Samsung, Lenovo, and Google during the sale. The Galaxy Tab A9+ is available for 19% to 23% off. Meanwhile, Google's Pixel Tablet is 19% to 25% off, depending on the model. Samsung's , and its gaming monitor is down to $140, usually $190. Or, the beautiful and much larger curved gaming monitor is $700, normally $1,300.

Read more
How to create a Subreddit on desktop and mobile
Laptop Working from Home

Few social media sites are as popular as Reddit. Regardless of what you're interested in, there's probably a thriving community for you to interact with on the platform. Known as subreddits, these communities are home to topics like gaming, world news, science, movies, and more. If you can't find a subreddit with your particular interest, Reddit makes it easy to create your own Reddit community.

Running a successful Reddit community isn't easy – but the process of starting one only takes a few minutes. Keep in mind that you'll want to keep a close eye on your subreddit to prevent it from being shut down or turning into a wasteland with no users, but running a subreddit can be a lot of fun when done properly. If you prefer, you can also create a private community that only your friends can join, giving you a place to hang out beyond Twitter and TikTok.

Read more