Hard to believe, but right here on the Internet on an underground site is where thousands of people's debit and credit card numbers reportedly were found for sale.
A cyber security reporter broke the story. Richard Krebs says he was told the common denominator is the use of a debit or credit card at a Home Depot store.
I emailed Home Depot and was told they're investigating some unusual activity, and are now working with their banking partners and law enforcement.
Home Depot says it doesn't want to speculate about the breach and will notify customers as soon as it's confirmed. But experts say if it's true, this breach could be massive.
We're told hackers may have been in Home Depot's computer system from late April until now. By comparison, Target's data breach lasted three weeks, netting crooks 40 million credit cards.
Additionally, Goodwill announced Tuesday that customer data had been stolen from 300 of their stores across the country, including six in Colorado Springs. Other stores affected include locations in Fountain, Pueblo, Canon City and Woodland Park.
The best thing to do now is check your credit and debit card statements. I recommend doing it everyday. And don't just look for the big stuff. Call your credit card company if you spot any $1 or $2 charges. Thieves often try out your card with a small charge first and then make massive charges right after that.
If you notice charges you know you didn't make, call your bank, ask it to cancel the card immediately and send you a new one.
Keep an eye on your mail. If you start getting bills from businesses you never visited, it could mean your identity's been compromised.
Also consider getting a chip credit card. The embedded microchip makes it hard for crooks to copy your card. All of your information's encrypted and each transaction is given a unique number.