Home Depot Thursday confirmed it has eliminated the malware used in its recent breach attack on its U.S. and Canadian networks, according to a press release. 

The company also has completed a major payment security project that provides enhanced encryption of payment data at point of sale in the company’s U.S. stores, according to the release. Rollout of enhanced encryption to Canadian stores will be complete by early 2015. Canadian stores are already enabled with EMV chip-and-PIN technology.

The company’s ongoing investigation has determined the following: 

• Criminals used unique, custom-built malware to evade detection. The malware had not been seen previously in other attacks, according to Home Depot’s security partners. 
• The cyber-attack is estimated to have put payment card information at risk for approximately 56 million unique payment cards.
• The malware is believed to have been present between April and September 2014.

To protect customer data until the malware was eliminated, any terminals identified with malware were taken out of service, and the company quickly put in place other security enhancements, according to the press release. Home Depot said there is no evidence that debit PINs were compromised or that the breach has impacted stores in Mexico or customers who shopped online at HomeDepot.com or HomeDepot.ca.