Staples Breach Hit 1.16 Million Payment Cards

Staples on Friday (Dec. 19) said that it has now confirmed that at least 1.16 million payment cards were impacted in the breach it announced in September. It found malware at 115 of its more than 1,400 stores and is now reporting that "malware may have allowed access to some transaction data at affected stores, including cardholder names, payment card numbers, expiration dates, and card verification codes."

Staples also reported, without explanation, that is investigating "fraudulent payment card use related to four stores in Manhattan, New York at various times from April through September 2014" but seemed to suggest that it was an unrelated incident because, Staples said, "the investigation found no malware or suspicious activity related to the payment systems at those stores. However, out of an abundance of caution, Staples is offering free identity protection services, including credit monitoring, identity theft insurance, and a free credit report, to customers who used their payment cards at those stores during specific time periods." It is also offering similar credit monitoring at the stores where it did confirm malware.

As for those impacted stores, Staples said "at 113 stores, the malware may have allowed access to this data for purchases made from August 10, 2014 through September 16, 2014. At two stores, the malware may have allowed access to data from purchases made from July 20, 2014 through September 16, 2014" and added "Staples is committed to protecting customer data and regrets any inconvenience caused by this incident. Staples has taken steps to enhance the security of its point-of-sale systems, including the use of new encryption tools."



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.