Home Depot Credit Card Data Breach
A Home Depot location is seen in Niles, Illinois. The home improvement retailer revealed a big security breach a week after investigative reporter Brian Krebs reported it. Reuters/Jim Young

Home improvement shoppers might have reason to worry about their credit card information. Home Depot Inc. (NYSE:HD) told the Associated Press Tuesday it is looking into “unusual activity” -- possibly a credit card data breach -- and is working with banks and law enforcement to sort out the issue.

"Protecting our customers' information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers," Paula Drake, a Home Depot spokeswoman, told the AP, though she declined to elaborate. She said if the retailer, based in Atlanta, confirms a breach occurred, it will notify customers immediately.

Home Depot’s suspicions come amid recent reports more than 1,000 U.S. businesses were affected by the same cyberattack that hit Target Corp. (NYSE:TGT) cash register systems during the 2013 winter holiday shopping season, leaving more credit card data exposed to hackers than initially thought. In the Target attack, 40 million credit and debit card accounts were compromised in a three-week period, and hackers stole personal information from as many as 70 million customers.

Brian Krebs, a computer-security expert who runs the blog KrebsOnSecurity.com, first reported the possible data breach at Home Depot, the AP said. Krebs said multiple banks reported “evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards.”

The breach may have started in late April or early May. Krebs said it is unclear how many stores were affected, but a preliminary analysis indicates the breach could have hit all 2,200 Home Depot stores in the United States.

"If that is accurate -- and if even a majority of Home Depot stores were compromised -- this breach could be many times larger than Target," the Krebs post said. The expert added the hackers responsible for the Home Depot intrusion could be the same group of Russian and Ukrainian cybercriminals suspected in the Target case, the AP noted.

The Target data breach cost the company, headquartered in Minneapolis, more than $200 million and led Gregg Steinhafel, then CEO, to resign in May. Target has since been rolling out a $100 million plan to install chip-based credit card technology in all of its nearly 1,800 stores.