56 million payment cards, 53 million emails breached and still going strong

Home Depot’s data breach made headlines again this week as it reported solid third-quarter earnings on strong US sales.

Third-quarter profit increased 14 percent compared to the same period a year ago.

It does not seem as if the home improvement retailer’s data breach—the largest retail breach of payment cards in history—had any effect on customer behavior or investor confidence. Fifty-six million payment cards and 53 million email addresses were exposed by the breach.

What breaches?

Home Depot said it could not account for all losses from the breach but it incurred $28 million of third-quarter net expenses. Home Depot said it has a $100 million insurance policy for breach-related expenses.

Home Depot’s CFO said that for the fourth quarter, the company projects about $27 million in breach-related costs—knocked down to about $6 million after insurance.

“It’s very difficult for us to be able to determine if there was any impact,” said Craig Menear, CEO during an earnings conference call. “We were very, very pleased with the fact that we had positive transaction growth in each month during the quarter and I think that represents strength for our customers, confidence in the Home Depot and we appreciate that.”

What have we learned?

Reputational risk continues to be a riddle wrapped in a mystery inside an enigma (To paraphrase Mr. Churchill). Shoppers appear not to care about credit-card data breaches.

A recent study by Advisen’s editorial staff found no strong effect on the stock performance of a breach company after a data breach.

Read the whole report: Reputational Risk Has a Bad Reputation