Home Depot Says 53 Million More Email Addresses Stolen

A shopping cart is seen in a Home Depot location in Illinois, May 19, 2014. Jim Young/Reuters

Home Depot Inc., the world's largest home improvement chain, said about 53 million more email addresses were taken during a recent breach of its payment data systems.

In September, the company said some 56 million payment cards, including email details, were likely stolen in a cyberattack. This suggests the hacking attack was larger than last year's breach at Target Corp.

Home Depot said the stolen files that contained the additional email addresses did not include passwords, payment card information or other sensitive personal information.

Criminals used a third-party vendor's user name and password to enter the perimeter of its network, Home Depot said in a statement.

The hackers then acquired "elevated rights" that allowed them to navigate parts of Home Depot's network and to deploy unique, custom-built malware on its self-checkout systems in the U.S. and Canada.

Home Depot said its investigation, along with law enforcement and efforts to boost its security, was ongoing.

Since September, the company has implemented enhanced encryption of payment data in all U.S. stores and said the rollout to Canadian stores will be completed by early 2015.

Home Depot also reaffirmed its previous 2014 sales growth forecast of about 4.8 percent and earnings per share forecast of $4.54.

Home Depot shares closed up 1.6 percent at $97.29 per share