HIGH SEVERITYRetail

HomeDepot Data Breach

Home Depot Home Improvement Retailer Breach (Salesforce, 2025): 10.5 Million Customer Contact Records Exposed

Home improvement retail company.

Verified by ObscureIQ Intelligence
Xinf@

7.0Severity
10.5MRecords
3Fields
2025Year

ObscureIQ Breach Intelligence Scores
4.0
Breach Risk Index
10
Data Value
40
Market Recency
206
days
Since Breach

Risk Interpretation

Exposure enables phishing, payment fraud, delivery impersonation, and household targeting. Purchase history can also reveal renovation activity and improve contractor-themed scams.

🎯 Impact & Downstream Threats

Home Depot was among the approximately 39 organizations listed on the Scattered LAPSUS$ Hunters dark web leak site in October 2025. Security researchers noted the Home Depot dataset was particularly sensitive because it contained a file segment dedicated to government employees, including names, email addresses, postal addresses, and phone numbers. Some records appeared to include personal home addresses rather than work addresses, creating targeted risk for federal, state, and county workers wh

Primary downstream threats:
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
  • Doxxing risk from physical address exposure

🔓 Threat Vectors

Phishing, credential stuffing & account takeover
SIM swapping, vishing & SMS phishing
Physical stalking, mail fraud & identity verification
Home targeting, stalking & physical threat

📋 Breach Intelligence

EntityHomeDepot (Home Depot)
OrganizationPublic Company • USA / Global
Breach Date2025-10-10
DBC Added2025-10-03
Added Date2025-10-03
Records~10.5M (10,549,381 records)
Attack VectorUnknown
Threat ActorScattered Lapsus$ Hunters
Data SubjectsCustomer: Direct
Breach PathwaySupply_Chain:Platform
Supply ChainSalesforce
SourceDataBreach.com / ObscureIQ
SensitivityStandard
Breach ID650.0
StatusConfirmed

📝 Executive Summary

Home Depot, the largest home improvement retailer in the United States, was caught up in a supply chain breach affecting its Salesforce platform in 2025. A threat group calling itself "Scattered LAPSUS$ Hunters" claimed responsibility and released a sample of the stolen data on October 3, 2025, with the full dataset reportedly scheduled for release on October 10. Home Depot was one of approximately 39 organizations listed on the group's dark web leak site. The incident exposed records belonging to roughly 10.5 million customers. The exposed data includes names, email addresses, phone numbers, and full home addresses including city, state, postal code, and country. For ordinary customers, this combination signals likely homeownership and ongoing property activity, details that make targeted scams more convincing. A subset of the records was dedicated to government employees, including federal, state, and county workers. Those records appear to contain personal home addresses rather than work addresses, exposing the physical locations of individuals whose government affiliation is also visible in the data. That combination creates heightened risk for identity fraud, phishing, and physical targeting. Home Depot has not made detailed public statements about its specific response to this campaign. No regulatory actions or breach notifications have been publicly confirmed as of the time of this writing. Affected individuals, particularly government workers whose home addresses were included, should be alert to contractor-themed phishing attempts, delivery impersonation scams, and unsolicited contact that references their address or home improvement activity.

🏢 About HomeDepot

Home Depot is the largest home improvement retailer in the United States, operating more than 2,300 stores across North America alongside a major e-commerce platform. The company is publicly traded on the NYSE and headquartered in Atlanta. It serves both consumer and professional contractor customers with products spanning building materials, tools, appliances, garden supplies, and home finishing goods.

Company | Home improvement retail | Hardware and building supply chain | USA / Global
Public CompanyUSA / Globalhomedepot.com

🗂 Why They Hold Your Data

Home improvement retailers collect customer identity, contact details, addresses, payment-adjacent data, order history, loyalty records, and contractor-linked transactions across retail systems.

📰 Recent Developments

Home Depot has focused on its professional customer segment as a key growth driver, investing in supply chain improvements and digital tools for contractors and trade professionals. The company acquired SRS Distribution, a specialty distributor serving roofing and landscaping trades, in 2024 for approximately $18.25 billion — its largest acquisition. Leadership has maintained focus on the Pro and online segments to offset softer consumer DIY demand.

🔍 Data Points Exposed

3 verified field types:
Email
Phone Number
Home Address

Exposure Categories

LocationPHYS ADDR

Canonical Fields

email_address, phone_number, physical_address:home

🌐 Dark Web Verification

Confirmed
  • Dataset containing ~10.5M records identified in breach intelligence sources
  • Data indexed and searchable across breach notification platforms
  • Source: homedepot-salesforce-2025

🛡 Recommended Actions

⚠️ Do not assume this is low sensitivity.

1Freeze Your Credit
Place a credit freeze with Equifax, Experian, and TransUnion.
2Expect Targeted Phishing
Watch for emails referencing this breach. Verify through official channels.
3Enable MFA Everywhere
Enable multi-factor authentication on all accounts.
4Monitor Accounts
Watch for unauthorized activity on financial and personal accounts.
5Check Your Exposure
ObscureIQ clients: this breach is indexed in your profile.

Protect Yourself

Check If You’re Affected

Enter your email to check if your data appears in this breach.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed.

High-Risk? Get an Exposure Audit

Full-spectrum exposure audits for executives and public figures.

Request Consultation

ObscureIQ Advisory

We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.

If you are:
  • A public-facing individual
  • A high-profile executive
  • A customer of HomeDepot
  • Or concerned about credential reuse
Services
AuditsWipesThreat MonitoringTraining
Contact
Phone(855) 763-7273Emailinfo@obscureiq.com

Classification Tags

RetailEmailPhoneAddress

Powered by the ObscureIQ Breach Intelligence Database

© 2026 ObscureIQ · All Rights Reserved · Data Licensing

Latest from ObscureIQ

Credit

What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)

July 14, 2025
Every time there’s a major data breach, companies scramble to offer “free” credit monitoring. It sounds like a responsible move.…
breach economycredit freezecredit scoreequifaxexperian
Credible Threats

Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.

September 2, 2025
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars. Over 80% of security incidents now start in the browser. Chrome.…
brave browserbreachesbrowser exploitbrowserschrome
Analysis

Sextortion Spam

May 10, 2025
Sextortion scams aren’t new, but they remain one of the most effective forms of cyber-enabled fraud. These scams don’t rely…
bitcoindeadlinefeargoogle maps apiransom