Categories: SecurityWorkspace

Staples ‘Investigating’ Possible Payment Card Data Breach

Staples has confirmed it has brought in law enforcement authorities to help investigate a possible security breach of its payment card systems, making it the latest major US retailer to be hit by such an attack.

“Staples is in the process of investigating a potential issue involving credit card data and has contacted law enforcement,” said Staples senior public relations manager Mark Cautela. “We take the protection of customer information very seriously, and are working to resolve the situation.”

Pattern of fraud

Cautela added that Staples customers are not responsible for fraudulent activity on their credit cards that is reported in a timely manner. Staples didn’t offer further details on the matter.

Security blogger Brian Krebs first reported the incident on Monday, citing banking sources on the East Coast.

“It appears likely that fraudsters have succeeded in stealing customer card data from some subset of Staples locations, including seven Staples stores in Pennsylvania, at least three in New York City, and another in New Jersey,” he said in a blog post.

The apparent incident follows a cyberattack on retailer Sears earlier this month affecting customers of the company’s Kmart stores. Other recent incidents have affected Dairy Queen, Home Depot, Michaels and Nieman Marcus.

While details of the Staples case are as yet unknown, several recent incidents have involved the infection of point-of-sale terminals by malware, according to Mark Bower, vice president of product management at Voltage Security.

“The only realistic way merchants can foil malware from stealing the mag stripe data is to avoid live card data arriving into the POS,” he stated. Bower said improved encryption could help eliminate such attacks.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Meta Plans Subsea Cable For Its Own Exclusive Use – Report

World spanning subsea cable measuring 40,000km (or 24,854 mile) long, reportedly being planned by Meta…

2 days ago

Canada Sues Google For Alleged Anti-Competitive Conduct In Advertising

More legal trouble. Canada's Competition Bureau sues Google for alleged anti-competitive conduct in online advertising

2 days ago

German Government Plots €2 Billion For Chip Subsidies – Report

Is it enough? After Intel disappointment, Germany to offer approximately 2 billion euros in subsidies…

3 days ago

Google Asks Appeal Court To Throw Out Epic App Store Verdict

After Epic Games 2023 courtroom victory, Google appeal argues “dramatic redesign” of Play store will…

3 days ago

Intel Says $7.86bn Grant From US Will Restrict Foundry Spin-off

Chip giant's plan for Intel Foundry to be spun off as independent subsidiary will be…

3 days ago