Staples: Customer data exposed in security breach

December 19, 2014 bySarah Skidmore Sell

Staples Inc. says nearly 1.2 million customer payment cards may have been exposed during a security breach earlier this year.

The office supply retailer announced in October that it was looking into a potential card breach, adding to a long list of retailers recently hit by cyberattacks.

Staples said Friday that an investigation shows that the criminals used malware that may have allowed access to information for transactions at 115 of its U.S. stores, which total more than 1,400. That includes cardholder names, payment card numbers, expiration dates and card verification codes.

The Framingham, Massachusetts-based company is offering free identity protection services—including credit monitoring, identity theft insurance a free credit report—to customers who might be at risk.

The affected different stores at different times between July and September.

Staples said that it has also received reports of fraudulent card use tied to four of its New York stores between April and September. While it found no evidence of malware at those stores, it is also offering the protection services to customers there as well.

A number of retailers have suffered security breaches in recent memory.

During last year's holiday shopping season, Target Corp. disclosed that it was hit with an attack that exposed details of as many as 40 million credit and debit card accounts. Home Depot announced in September that a affected 56 million debit and , and later said hackers also stole 53 million email addresses. And the cyberattack on Sony Pictures Entertainment that came into the spotlight this week has put a number of companies on high alert to attend to the security of their own networks.

Explore further: Kmart becomes latest retailer hit by data theft

Related Stories

Bebe discloses data breach

December 5, 2014

(AP)—Bebe stores Inc. said Friday that it recently detected suspicious activity on computers that run the payment processing system used for its stores, making it the latest company to disclose a data breach.

Recommended for you

Permanent, wireless self-charging system using NIR band

October 8, 2018

As wearable devices are emerging, there are numerous studies on wireless charging systems. Here, a KAIST research team has developed a permanent, wireless self-charging platform for low-power wearable electronics by converting ...

Facebook launches AI video-calling device 'Portal'

October 8, 2018

Facebook on Monday launched a range of AI-powered video-calling devices, a strategic revolution for the social network giant which is aiming for a slice of the smart speaker market that is currently dominated by Amazon and ...

Artificial enzymes convert solar energy into hydrogen gas

October 4, 2018

In a new scientific article, researchers at Uppsala University describe how, using a completely new method, they have synthesised an artificial enzyme that functions in the metabolism of living cells. These enzymes can utilize ...

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

alfie_null
not rated yet Dec 20, 2014
Within the purview of cyber-security, only two types of companies, those who know they've been hacked, and those who haven't discovered it yet.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.