From their web site today:
Last Tuesday, September 2, we disclosed that we were investigating a possible breach of our payment data systems. We want you to know that we have now confirmed that those systems have in fact been breached, which could potentially impact any customer that has used their payment card at our U.S. and Canadian stores, from April forward. We do not have any evidence that the breach has impacted stores in Mexico or customers who shopped online at HomeDepot.com.
We apologize for the frustration and anxiety this causes our customers.
We also want to emphasize that you will not be responsible for any fraudulent charges to your accounts, and we’re offering free identity protection services, including credit monitoring, to any customer who has shopped at a Home Depot store in 2014, from April on.
You can learn more about the identity protection services and how to sign up for them https://homedepot.allclearid.com/.
It is important to closely monitor your payment card accounts and report unusual activity to your issuing bank.
Home Depot also posted an FAQ on the breach (pdf)