Menu
Staples says hack may have compromised 1 million-plus payment cards

Staples says hack may have compromised 1 million-plus payment cards

The attack hit stores in 35 states from California to Connecticut

The data breach at the Staples office-supply chain may have affected roughly 1.16 million payment cards as criminals deployed malware to point-of-sale systems at 115 stores, the company said Friday.

The affected stores cover 35 states from California to Connecticut, according to a list Staples released Friday. The chain has more than 1,400 stores in the U.S.

The malware, which allowed the theft of debit and credit card data, was removed in mid-September upon detection, Staples said. The retailer had previously confirmed the incident in October. A previous report from security researcher Brian Krebs around that time cited fraudulent transactions traced to cards that were used for purchases at Staples stores in the Northeastern U.S., but apparently the attack was much wider than that.

The malware may have allowed access to transaction data including cardholder names, payment card numbers, expiration dates, and card verification codes, for purchases made between Aug. 10 and Sept. 16, Staples said Friday.

At two of the stores, the malware may have involved purchases over an even longer period, from July 20 through Sept. 16. Staples has posted a list of all the stores involved on its site.

Staples is offering free identity protection services, including credit monitoring, identity theft insurance, and a free credit report, to any customer who used a payment card at any of the affected stores during the relevant time periods.

Staples is another in a long line of retailers to have had sensitive data stolen this year. The addition of chips to payment cards, used in most of the world but not often in the U.S., could help prevent future attacks. But a broad rollout of the technology may take a long time.

Zach Miners covers social networking, search and general technology news for IDG News Service. Follow Zach on Twitter at @zachminers. Zach's e-mail address is zach_miners@idg.com


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securitymalwaredata protectiondata breachStaples

Featured

Slideshows

Meet the leading female front runners of the Kiwi channel

Meet the leading female front runners of the Kiwi channel

Reseller News honoured the leading female front runners of the New Zealand channel at the 2018 Women in ICT Awards (WIICTA) in Auckland. The awards honoured standout individuals across seven categories, spanning Entrepreneur; Innovation; Rising Star; Shining Star; Community; Technical and Achievement.

Meet the leading female front runners of the Kiwi channel
Meet the top performing customer-centric Microsoft channel partners

Meet the top performing customer-centric Microsoft channel partners

Microsoft honoured leading partners across the channel following a year of customer innovation and market growth in New Zealand. The 2018 Microsoft Partner Awards recognised excellence within the context of the end-user, spanning a host of emerging and established providers.

Meet the top performing customer-centric Microsoft channel partners
Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Show Comments