In what is becoming a familiar narrative in the world of IT security, the recently uncovered security breach of home improvement specialist The Home Depot could have been prevented had the company listened to warnings from its own security experts.

Former employees of Home Depot’s cybersecurity team speaking on condition of anonymity have told The New York Times that red flags surrounding the company’s computer security were raised as far back as 2008.

These employees claim the company used outdated software to protect its network and rarely scanned the systems that handled sensitive customer information for vulnerabilities. Some questioned how the company could even meet industry standards for protecting customer information while one former employee even warned friends to use cash instead of plastic when shopping there.

Others said they left the company when managers dismissed their security concerns.

In a nutshell, the ex-employees claim Home Depot was slow to respond to early threats and only took action after it was seemingly too late.

If you aren’t up to speed, The Home Depot became the latest addition to a growing list of major retail chains that have been the target of (no pun intended) hackers in recent memory. Reports of the attack first surfaced early this month with the company confirming the theft of 56 million credit cards this past week.

The company says they have fixed the security vulnerability that led to the attack and it is now safe for customers to use their credit cards at their stores once again.