Staples comes clean: 1.16 million bank cards at risk after hack
Staples Inc which was subjected to a hack attack in October had previously announced a data security breach on its point of sale systems was limited to a small number of its 1400 outlets in United States. Today, Staples laid bare the actual number of payment cards that were exposed in the hack attack and it stands at a massive 1.1 million cards. The company has issued a press release in this regard to assuage the investors, stakeholders and customer confidence in the company.
Staples’s said their investigations had revealed that 115 point of sale systems of its more than 1,400 U.S. retail stores were attacked by a malware. Upon detection of the malware, Staples claims to have taken immidiate action to eradicate the threat. To this means, it has also been working with external security experts. In hindsight of the data breach and keeping with industry standards, the company will be providing free identity protection services, including credit monitoring, identity theft insurance, and a free credit report, to customers who used a payment card at any of the affected stores during the relevant time periods.
Based on its investigation, Staples believes that malware may have allowed access to some transaction data at affected stores, including cardholder names, payment card numbers, expiration dates, and card verification codes. At 113 stores, the malware may have allowed access to this data for purchases made from August 10, 2014 through September 16, 2014. At two stores, the malware may have allowed access to data from purchases made from July 20, 2014 through September 16, 2014.
As the part of the investigation, the company also came across a case of fraudulent credit card use in its Manhattan offices during the period of April to September of 2014. No malware use has been reported related to this case, but Staples is following the same security procedures as mentioned above to be on the safe side.
Overall, the company believes that approximately 1.16 million payment cards may have been affected. Specific stores and dates can be found here. “Typically, customers are not responsible for any fraudulent charges on their credit cards that are reported in a timely fashion,” the company said in the statement. Staples customers who shopped at the affected stores during the relevant time periods should review their account statements and notify their card issuers of any suspicious activity.
For more information about the report, you can access Staples report.