In the midst of holiday shopping Staples released a statement last week saying that an attack by hackers may have compromised as many as 1.6 million payment cards used by customers at some of their stores earlier in the year. During this attack hackers had access to cardholder data, including names, card numbers, expiration dates and verification codes.
In early October the office-supply retailer first announced that a breach may have occurred over the summer and that they were working with law enforcement officials to determine if customers’ credit and debit card information had been breached by hackers.
Like the cyber attacks at Target and Kmart earlier this year, malware infiltrated Staples point-of-sale systems. The breach affected 113 stores out of 1,400 located throughout the U.S., from July 30 through September 16th.
The malware was first detected in mid-September, and removed from the system at that time. The office supply chain also took steps to beef up security. A data security firm was also brought on to assist with the investigation and work with law enforcement agencies to determine the full extent of the breach.
Staples said based upon the results of the investigation that the malware affected customers information in stores located in 30 states from the east to the west coast.
Credit clean up on Staples
Staples suggests that customers who shopped at the affected stores monitor their account statements and contact their banks if they see any suspicious activity.
Staples is offering customers who bought merchandise using a credit or debit card at the affected stores during that time free credit monitoring, as well as other services including identity theft insurance and a free credit report. These services will remain in place for one year.
Staples, Inc. is an office supply store, selling furniture, equipment, electronics and office supplies. They have 2,000 stores located in 26 countries around the world.