NEW YORK — Hackers stole 53 million email addresses this year in addition to customers’ card data, Home Depot said Thursday.

The nation’s largest home improvement chain had disclosed the massive, months-long breach of 56 million debit and credit cards in September.

The file containing the email addresses did not contain passwords or other sensitive personal information, Home Depot said. However, it said customers should be on guard against phishing scams, which are sent through texts or emails and try to trick people into disclosing personal information.

The company is notifying affected customers in the U.S. and Canada.

Home Depot also explained how the hackers got into its system. It said they initially accessed its network in April with a third-party vendor’s username and password. The hackers stole information through malware installed on self-checkout systems in the U.S. and Canada. That’s similar to what happened in a massive data breach at Target, where thieves hacked into the password of a third-party supplier.

Home Depot said the breach investigation and efforts to further enhance its security measures are ongoing.

Target’s breach pushed banks, retailers and card companies to increase security by speeding the adoption of microchips in U.S. credit and debit cards, which supporters say are more secure. Home Depot reiterated Thursday that it will be activating chip-enabled checkout terminals at all of its U.S. stores by the end of the year.