About 1.16 million customer payment cards were affected in an October security breach at Staples, compromising cardholder names, card numbers, expiration dates and verification codes.
The office retailer stated in a release on Friday, Dec. 19, that the criminals used malware to compromise customer data at 115 of its more than 1,400 locations. Of those affected, the malware may have allowed access to transactions made from Aug. 10 to Sept. 16, 2014 at 113 stores. At two locations, malware may have allowed access to purchases made between July 20 to Sept. 16, 2014.
Staples compiled a list of stores affected. Some states with locations affected by the breach include California, New Jersey, New York, Florida, Pennsylvania and Virginia.
Although cardholders are usually not held responsible for fraudulent charges, the company advised customers who made purchases at affected locations to check their statements and report any suspicious activity.
Because of the hack, Staples is offering free identity theft insurance, credit monitoring and a free credit report to those who made purchases at the affected locations during the specified time periods. Further information on how to avail of these services can be found at http://staples.newshq.businesswire.com/statement.
“Staples is committed to protecting customer data and regrets any inconvenience caused by this incident,” the company stated in a release. “Staples has taken steps to enhance the security of its point-of-sale systems, including the use of new encryption tools.”
Staples joins a number of other companies that have been affected by breaches in the past year, including Target, P.F. Chang’s, Michaels, Home Depot and Albertsons. (With reports from CNN and The New York Times)
(www.asianjournal.com)
(LA Weekend December 27-30, 2014 Sec. D pg.2)
