Staples: Hack may have affected more than a million payment cards
The office supply
chain says a breach that took place earlier this year gave attackers
access to cardholder names, card numbers, expiration dates and card
verification codes.
It's the latest news of an attack involving hackers placing malware, or malicious software, on point-of-sale systems. In September, home-improvement chain Home Depot said 56 million credit cards had been put at risk by such an attack. Prior to that, at the end of 2013, Target was attacked in a similar breach the chain estimated could have affected a third of the US population. Art-supply chain Michaels Stores, department store Neiman Marcus and restaurant chain P.F. Chang's have also been victims of data breaches.
Staples said the malware attack spanned the country, affecting 115 of its more than 1,400 US stores from New York to California and that it involved purchases made from late July through mid-September. Another four stores, in Manhattan, may have seen fraudulent payment card use from April through September, though no malware was detected at those outlets.
The company is offering free identity protection services -- including credit monitoring, identity theft insurance and a free credit report -- to customers who used their cards at the affected stores during the specific time periods. The company released a complete list of stores and dates, which is available online (PDF).
Staples had said in October that it was investigating a "potential issue."
"Typically, customers are not responsible for any fraudulent charges on their credit cards that are reported in a timely fashion," the company said in a statement Friday. "Staples customers who shopped at the affected stores during the relevant time periods should review their account statements and notify their card issuers of any suspicious activity."
0 comments :
Post a Comment