Ransomware victim disclosure
← All victimsHome Depot
Claimed by Hunters International · listed 9 months ago
Status timeline
- ListedOct 3, 2025
- Data leakeddate unknown
At a glance
- Status
- Data leaked
- Country
- United States
- Sector
- Consumer Services
- Listed on leak site
- Oct 3, 2025
About the victim
AI dossier — public-source company profileThe Home Depot is the largest home improvement retailer in the United States, operating over 2,300 warehouse-format stores across North America. The company sells tools, building materials, appliances, and home improvement products, and serves DIY customers, professional contractors, and the construction industry. It also offers installation services and equipment rental.
- Industry
- Home Improvement Retail
- Address
- 2455 Paces Ferry Road NW, Atlanta, GA 30339, United States
- Employees
- 500000
- Founded
- 1978
Attack summary
Severity: medium — The disclosure status is 'data_published', suggesting some data release occurred, but the leak post is flagged as AI-generated with no specific data inventory, no proof count, and no stated ransom or data size, significantly undermining confidence in the claim's substance. A large retailer like Home Depot would hold significant PII, but no specifics are evidenced here.Hunters International claims to have attacked Home Depot and has published data, though no ransom amount or specific data volume is stated. The leak post content appears to be AI-generated and provides no specific details about exfiltrated data types or operational impact.
Original description
AI-summarised, not from the leak postHome Depot is the largest home improvement retailer in the United States. It is a one-stop-shop for tools, construction products, and various services. The company caters to do-it-yourself (DIY) customers, professional contractors, and the construction industry. It offers installation services and tool and equipment rental in addition to selling a litany of home improvement items.
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

