Ottawa man taking on Home Depot in massive class action lawsuit
Published Tuesday, September 23, 2014 12:49PM EDT Last Updated Tuesday, September 23, 2014 6:28PM EDT
An Ottawa man is taking on retail giant Home Depot, after his credit card was compromised and fears his identity may have been stolen.
Steven Lozanski says he’s one of 56-million Home Depot customers in the U.S. and Canada who had their credit card information stolen in a massive data breach between April and September 2014.
Lozanski is working with Toronto law firm, McPhadden Samac Tuovi LLP, in launching the class action law suit against Home Depot of Canada Inc. and its American parent, The Home Depot Inc. It’s the first class action lawsuit in Ontario targeting the security breach.
The initial claim is $500 million, but that could change once lawyers get a more realistic handle on the actual extent of the losses.
Lawyers filed the lawsuit with the Ontario Superior Court of Justice on Monday, September 22, 2014.
In a news release, lawyer Bryan McPhadden says the primary objective of the lawsuit is to force large retailers like Home Depot to modify how they do things, “"After the massive data breach of customer information at Target, you would think that other major retailers like Home Depot would have taken steps to make such a breach impossible."
Lozanski, a west-Ottawa resident, says he discovered the breach after his Visa card was rejected when he tried to book a hotel for a business trip. He realized $8,000 was improperly charged against his Visa in a series of transactions in early September 2014. Lozanski said he had used that same Visa card at Home Depot just days before the fraudulent transactions. "Home Depot has not been in contact with me to tell me what personal information has been taken,” Lozanski said in the news release, “I feel I need to do this for myself and for others so that this kind of thing does not happen again."
Last week, Home Depot admitted 56 million payment cards used at its American and Canadian stores between April and September 2014 were compromised by a type of criminal software that hadn't previously been seen in other attacks.
The Atlanta-based home improvement retailer said any terminal with the malware has been taken out of service and that it completed introducing new encrypted terminals in all of its U.S. stores on Sept. 13, less than two weeks after the attack was discovered.
Home Depot says it will complete installing new encrypted terminals at its Canadian stores early next year but added they are already equipped to handle credit cards with embedded chips and personal identification numbers.
The company continues to say there is no evidence that debit card personal identification numbers have been compromised or that online shoppers were affected at homedepot.ca or homedepot.com.