The company, which confirmed the breach in September, said the files that contained the email addresses did not include passwords, payment card information or other sensitive personal information. Home Depot, which had estimated that the theft would cost about $62 million, was one of a string of U.S. Criminals used a third-party vendor’s user name and password to enter the perimeter of its network, Home Depot said in a statement on Thursday.