Ransomware victim disclosure
← All victimsHome Depot
Claimed by Shinyhunters · listed 9 months ago
Status timeline
- ListedOct 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Shinyhunters
- Status
- Data leaked
- Country
- United States
- Sector
- Consumer Services
- Listed on leak site
- Oct 3, 2025
About the victim
AI dossier — public-source company profileHome Depot is the largest home improvement retailer in the United States, operating over 2,300 warehouse-format stores across the US, Canada, and Mexico. The company sells tools, building materials, appliances, and home improvement products to DIY consumers, professional contractors, and the construction industry. It also offers installation services and tool/equipment rental.
- Industry
- Home Improvement Retail
- Address
- 2455 Paces Ferry Road NW, Atlanta, GA 30339, United States
- Employees
- 500000
- Founded
- 1978
Attack summary
Severity: medium — Data is listed as published by a known exfiltration-focused group (ShinyHunters), but the leak post provides no specific data inventory, no proof files, no stated data volume, and the post body appears AI-generated with no verifiable technical claims, limiting confidence in actual impact.ShinyHunters claims to have compromised Home Depot and published data; the post does not specify whether encryption or exfiltration occurred, and no data size or ransom demand is stated.
Original description
AI-summarised, not from the leak postHome Depot is the largest home improvement retailer in the United States. It is a one-stop-shop for tools, construction products, and various services. The company caters to do-it-yourself (DIY) customers, professional contractors, and the construction industry. It offers installation services and tool and equipment rental in addition to selling a litany of home improvement items.
Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

