Breach Brief: Staples confirms data breach affected 1.16M payment cards

Staples has revealed that 1.16 million payment cards may have been affected in a series of data breaches that occurred over the summer. The office supply chain joins a growing list of retailers — which includes Target, Home Depot, Kmart and Neiman Marcus — that have had their payment systems breached by hackers in recent months.

What happened? An in-house investigation has detected malware at some point-of-sale systems throughout 115 locations, the company said in a press release. Staples has more than 1,400 U.S. retail stores.

What information was breached? From August 10 through September 16, 2014, the malware allowed access to cardholder names, payment card numbers, expiration dates and card verification codes at the infected stores, the retailer noted. It also enabled the cyber criminals to obtain data from purchases at a pair of stores dating back to July 20.

What they’re saying: Staples is currently offering free identity protection services and a free credit report to customers who used a payment card at any of the affected stores during the relevant time periods.

With the number of breaches on the rise, can you ensure that your network is protected? In the meantime, don’t forget to read up on the latest security trends, topics and more here.

Breach Brief: Staples says probing possible data breach

Staples is investigating a possible breach of payment card data, making it the latest U.S. retailer to become a victim of a cyberattack.

What happened? Security blogger Brian Krebs reported that multiple banks have identified a pattern of credit and debit card fraud suggesting that several office chain’s locations in the northeast are currently dealing with a data breach. Experts believe the cyber criminals are using a form of the same malicious software Backoff used in the Target, Home Depot and Dairy Queen attacks, among a number of others.

What information was breached? According to more than a half-dozen banks, it appears likely that thieves have succeeded in stealing customer card data from seven Staples stores in Pennsylvania, at least three in New York City, and another in New Jersey.

What they’re saying: Staples has issued a statement saying that they are “in the process of investigating a potential issue involving credit card data and have contacted law enforcement… We take the protection of customer information very seriously, and are working to resolve the situation. If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on [in] a timely basis.” 

With the number of breaches on the rise and security at our core, learn how Atmel has you covered.