Customer data and images leaked from Home Depot MyInstall complaint service

home depot myinstall leak the
Home Depot has been storing mountains of customer data on a publicly accessible, unencrypted page, leaving many of them vulnerable to scams and identity theft, according to Consumerist. Worse yet, some of the files found on the page were even discoverable by search engines, making them even easier to find.

It is not uncommon to discover that a large corporate entity or organization is running a website with poor security, or even leaving customer information accessible to hackers. Home Depot’s latest debacle, might not affect a large number of people but it is still pretty egregious and shows there is a myriad of ways large companies can have weak security.

As many as 8,000 customers’ details were available in a publicly accessible Excel document, alongside many images of customers themselves and their products. Discovered by a concerned tipster and forwarded to Consumerist, the leak does not contain any financial information but there is still a lot of personal data up for grabs for anyone with an inquisitive mind.

The security flaw seems to stem from Home Depot’s MyInstall program, a service which helps customers communicate with installers. The recorded data is all related to complaints to do with the service, including logged names and addresses, the nature of the complaint and in some cases photos of the problem and the customers’ buying the product in question.

Home Depot’s response to a request for comment saw it remove the data immediately and claim that although it did not see the data as a high risk, it should not have been available as it was.

Although it is arguable that the data in this leak is not of the most sensitive type, it could easily be used as the foundation for a phishing scam. Likewise, social engineering becomes far easier with this sort of information.

As it stands, we do not know why this information was as publicly available as it was, but it is possible that it was the error of an employee at Home Depot, or possibly even someone acting maliciously. It may even be something as simple as Home Depot not investing in a robust software solution for its MyInstall program.

Home Depot says it has no plans to contact affected consumers, lest that invite a phishing scam, it is urging anyone that thinks they may be affected to contact its customer service number.

The concern now is that Home Depot is unlikely to be the only company operating companion services like this with lackluster security. Although far from the fault of consumers, security breaches like this go to show why you need to take your own security very seriously. Making sure you are not using weak passwords is an important first step.

This is not the first time Home Depot has been found with less-than-ideal digital security. It recently paid more than $20 million to settle a leak in 2014, which saw hackers steal the payment and personal information of millions of its customers.

Smart Home

Amazon starts crowdsourcing Alexa’s answers. What could go wrong?

Amazon announced a new resource for its Alexa voice assistant. Alexa Answers is an invitation-only program to which select Amazon customers will be invited to supply brief answers to questions that Alexa was asked but couldn't answer.

A second Wells Fargo glitch results in the foreclosure of more homes

A computer error has struck Wells Fargo once again, resulting in hundreds more homes being mistakenly foreclosed after a first glitch was reported in August. To compensate one customer, the bank sent a check for $25,000.

Google confirms Allo chat app will shut down in 2019

Another day, another messaging app reportedly shutting down. Following reports of Google Hangouts shutting down, Google Allo might be next. While Google has yet to confirm, the tech giant may be putting an end to the chat app soon.
Social Media

This band owns Twitter, according to list of top accounts and tweets for 2018

What was the biggest buzz on Twitter in 2018? Twitter's 2018 Year in Review highlights the biggest tweets, accounts, and hashtags. The most-tweeted celebrities, movies, TV shows, athletes, politicians and more in Twitter's 2018 trends.
Social Media

What do yodeling and Kylie Jenner have in common? YouTube’s top 2018 videos

In a true nod to the variety found on YouTube, the platform's top 10 list of videos from 2018 range from celebrities to sports, from perfectly tossing a picture frame on the wall to a kid yodeling in aisle 12 at Walmart.

Make a GIF of your favorite YouTube video with these great tools

Making a GIF from a YouTube video is easier today than ever, but choosing the right tool for the job isn't always so simple. In this guide, we'll teach you how to make a GIF from a YouTube video with our two favorite online tools.

Google’s updated Santa Tracker entertains and teaches coding throughout December

Google's Santa Tracker is in its fifteenth year and is back again with even more features. You can have fun with more than 20 games, learn about different holiday traditions around the world, and enjoy some festive animations.

How to change your Gmail password in just a few quick steps

Regularly updating your passwords is a good way to stay secure online, but each site and service has their own way of doing it. Here's a quick guide on how to change your Gmail password in a few short steps.

Tired of paying a monthly fee for Word? The best Microsoft Office alternatives

Looking for a competent word processor that isn't Microsoft Word? Thankfully, the best alternatives to Microsoft Office offer robust features, expansive compatibility, and an all-too-familiar aesthetic. Here are our favorites.

Worried about your online privacy? We tested the best VPN services

Browsing the web can be less secure than most users would hope. If that concerns you, a virtual private network — aka a VPN — is a decent solution. Check out a few of the best VPN services on the market.

Microsoft is ‘handing even more of online life’ to Google, Mozilla CEO says

Not everyone is happy with Microsoft's switch to Google's Chromium engine. In a new blog post, Mozilla CEO Chris Beard writes that he believes the move is "handing online life control" to Google.

Edit, sign, append, and save with six of the best PDF editors

There are plenty of PDF editors to be had online, and though the selection is robust, finding a solid solution with the tools you need can be tough. Here, we've rounded up best PDF editors, so you can edit no matter your budget or OS.

How to easily record your laptop screen with apps you already have

Learning how to record your computer screen shouldn't be a challenge. Lucky for you, our comprehensive guide lays out how to do so using a host of methods, including both free and premium utilities, in both MacOS and Windows 10.

From beautiful to downright weird, check out these great dual monitor wallpapers

Multitasking with two monitors doesn't necessarily mean you need to split your screens with two separate wallpapers. From beautiful to downright weird, here are our top sites for finding the best dual monitor wallpapers for you.