Home Depot said Thursday that its recent cyber attack put an estimated “56 million unique” credit and debit cards at risk.

The company said the security criminals used malware not previously seen in other attacks and that it had been present between April and September of this year.

The Atlanta-based home improvement giant began investigating the breach Sept. 2 second after being notified by banks and law enforcement.

“We apologize to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges,” said Frank Blake, Home Depot’s chairman and chief executive officer. “From the time this investigation began, our guiding principle has been to put our customers first, and we will continue to do so.”