Home Depot already confirmed a few days ago it has been the victim of an elaborate cyber attack, without providing specific details about the number of users that may have been affected in this new credit and debit card data heist. The company on Monday again confirmed that hackers managed to get in its in-store payment systems,The New York Times reports, and the new attack may be even bigger than the similar breach that occurred in late 2013 at Target.

Home Depot confirmed on Monday that hackers had broken into its in-store payments systems, in what could be the largest known breach of a retail company’s computer network. The retailer said the exact number of customers affected was still not clear. But a person briefed on the investigation said the total number of credit card numbers stolen at Home Depot could top 60 million. By comparison, the breach last year at Target, the largest known attack to date, affected 40 million cardholders. The breach may have affected any customer at Home Depot stores in the United States and Canada from April to early last week, said Paula Drake, a company spokeswoman. Customers at Home Depot’s Mexico stores were not affected, nor were online shoppers at HomeDepot.com. Personal identification numbers for debit cards were not taken, she said. Home Depot has not yet confirmed other details.