Staples Inc. Reports Security Breach Stole Over A Million Card Data Accounts

By Staff Reporter | Dec 19, 2014 10:09 PM EST

TEXT SIZE    

Staples Security Breach - On Friday, Staples Inc. provided an update on the security breach that was discovered last October. According to the company, the cyber-hackers stole credit and debit cards data from approximately 1.16 million accounts.

Staples Inc., an office supply retailer, reported that over a million payment cards have been affected by the security breach declared in October. As per the Reuters report, external data security specialists conducted an investigation and showed that hackers deployed malware to some point-of-sales systems at 115 stores in the United States. The malware has been eradicated as said by the company.

There are about 1,400 Staples stores nationwide, NBC News reported. According to the company, the security breach compromised customer data from Aug. 10 through Sept. 16 and at two stores, the hack began in July.

"Based on its investigation, Staples believes that malware may have allowed access to some transaction data at affected stores, including cardholder names, payment card numbers, expiration dates, and card verification codes," the company said in a statement.

Though the malware has been eradicated, Staples Inc. did not identify the cyber-hackers.

The data hacking at Staples is the latest in a series of high-profile cyber-stealing attacks on several large US retail companies over the past year. The Wall Street Journal reported the hardest struck was Home Depot Inc. last spring where 56 million card accounts were affected. While over a year ago, Target Corp, fell victim in which hackers stole data from 40 million cards.

In the midst of the Sony Pictures Entertainment cyber-hack this week, a number of companies are currently on high alert to the security of their own networks. Along with Staples, the widespread security breach also affected luxury retailer Neiman Marcus Group.

As banks typically shield clients from fraud, the damage to victimized Staples customers will be minimal. And CNN Money reported that Staples Inc. is also offering identity protection, identity theft insurance and a free credit report due to the security breach.

The company also released an apology to their valued customers that might be affected by the data hack.

"Staples is committed to protecting customer data and..." the company said.  "[Staples] has taken steps to enhance the security of its point-of-sale systems, including the use of new encryption tools."  

The Staples security breach was first reported by KrebsOnSecurity on Oct. 20, 2014, after multiple banks identified a pattern of credit and debit card fraud suggesting that several Staples office supply locations in the Northeastern United States were dealing with a data breach.

In the Staples Inc. statement released Friday, the company listed the stores affected with the security breach and the stores are not limited to the Northeastern US. When the company announced the investigation, FOX business reported that Staples' shares have increased 40.85 percent.

pre post  |  next post
More Sections