Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
Eh sorry! Home Depot Canada is red-faced after sending out hundreds of order-pickup notifications to the wrong people.
"Hey um... I'm pretty sure I received a reminder email for literally every online order that is currently ready for pick up at literally every Home Depot store in Canada," tweeted Spencer Monckton, a graduate student in Toronto, yesterday (Oct. 28). "There are 660+ emails. Something has gone wrong." (This story was first reported by Bleeping Computer.)
@HomeDepotCanada Hey um... I'm pretty sure I received a reminder email for literally every online order that is currently ready for pick up at literally every Home Depot store in Canada. There are 660+ emails. Something has gone wrong. pic.twitter.com/mBcO40Ge3oOctober 28, 2020
- What to do after a data breach: A step-by-step guide
- The best identity-theft protection services
- New: iPhone 13 Flip leak just revealed Apple's secret weapon
"This is a VERY serious data breach that has affected at least 900 consumers, not just in-store pick-up," tweeted Bethany Frances of the London, Ontario area. "My ONLINE ORDER was sent to 300 people, and I received the ONLINE ORDERS of 43 others. Names, home addresses, order info and credit card info was all shared :("
This is a VERY serious data breach that has affected at least 900 consumers, not just in-store pick-up. My ONLINE ORDER was sent to 300 people, and I received the ONLINE ORDERS of 43 others. Names, home addresses, order info and credit card info was all shared :( @HomeDepotOctober 28, 2020
That's all accurate, except for the bit about the credit-card information -- only the last four digits of card numbers were included in the emails, according to Bleeping Computer. Many of the emails contained the address of the Home Depot store where the order was to be picked up, but some had the customer's home address as well.
Affected Home Depot Canada customers are not facing much extra risk as a result of these emails. Crooks can't do much with only four credit-card digits. It's possible, but unlikely, that some of the recipients of this email flood might forward them to spammers who could harvest the email addresses.
Still, this is pretty embarrassing for Home Depot, and its Canadian division quickly created a boilerplate explanation, if not quite an apology, for everyone who tweeted at it complaining of the email messages.
"Thank you for reaching out to us. We are aware of what occurred this morning and can confirm that this issue has now been fixed," multiple identical Home Depot Canada tweet replies said. "This issue impacted a very small number of our customers who had in-store pick-up orders. Please DM us with any additional questions."
