Home Depot Settles Major Data Breach Suit with Financial Institutions for $25 Million
Client Alert | 1 min read | 03.13.17
On Wednesday, in one of the most high-profile data breach settlements to date, The Home Depot agreed to pay $25 million to settle a consolidated class action involving more than 60 nationwide financial institutions harmed by the retailer’s September 2014 data breach. That month, the home improvement giant announced that hackers had installed malware on Home Depot’s checkout kiosks and, over a five-month period, stolen credit card information of more than 56 million shoppers. Immediately thereafter, financial institutions filed more than 25 suits seeking compensation for reissuance fees and fraudulent transaction reimbursements, suits that were then consolidated before a federal court in Atlanta.
The agreement requires the retailer to establish a $25 million settlement fund to reimburse financial institutions for the reissuance of credit cards compromised by the data breach. The Home Depot has also agreed to a series of additional security measures, including implementing new safeguards developed through a risk exception process and enacting new vendor security programs.
Prior to Wednesday’s announcement, The Home Depot had already spent more than $140 million to settle claims by many of the nation’s large credit card issuers – including MasterCard, Visa, American Express, and Discover – for damages sustained in this breach.
Contacts

Partner and Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 3 min read | 07.10.26
In Utech, Inc. v. United States, No. 24-1586 (Fed. Cir. June 24, 2026), the U.S. Court of Appeals for the Federal Circuit clarified that in most cases, a pre-award protest must be filed before the proposal submission deadline to avoid the Blue & Gold waiver rule. This decision, while nonprecedential, is in line with U.S. Government Accountability Office (GAO) precedent, which has long held that pre-award protests must be filed before the proposal submission deadline.
Client Alert | 5 min read | 07.10.26
Client Alert | 6 min read | 07.09.26
EU Steel Overcapacity Regulation: New Permanent Measure in Force from 1 July 2026
Client Alert | 5 min read | 07.09.26
Made in the USA? Prove It: FTC Marks America's 250th with Crack Down on Domestic Origin Claims
