Andre Yoskowitz
20 Dec 2014 1:53
Another major retailer has confirmed a security breach, this time with 1.16 million credit and debit cards compromised from office supply giant Staples.
Says the company: "Staples' data security experts detected that criminals deployed malware to some point-of-sale systems at 115 of its more than 1,400 U.S. retail stores. Upon detection, Staples immediately took action to eradicate the malware in mid-September and to further enhance its security. Staples also retained outside data security experts to investigate the incident and has worked closely with payment card companies and law enforcement on this matter.
Based on its investigation, Staples believes that malware may have allowed access to some transaction data at affected stores, including cardholder names, payment card numbers, expiration dates, and card verification codes. At 113 stores, the malware may have allowed access to this data for purchases made from August 10, 2014 through September 16, 2014. At two stores, the malware may have allowed access to data from purchases made from July 20, 2014 through September 16, 2014."
Staples is offering anyone affected a free year of identity theft protection including credit monitoring and identify theft insurance.
Source:
Staples