back to top

Staples Investigates Potential Credit Card Breach

Stores in New York, Pennsylvania, and New Jersey may have been targeted by hackers. A lot of businesses get their goods from the company.

Posted on

Staples, the world's largest office-supply chain, is investigating a potential credit card breach at several Northeast locations, Bloomberg reported.

Bloomberg/Bloomberg via Getty Images

A shopper enters a Staples Inc. store in New York.

Customers' credit card information may have been stolen from several Staples stores including at least three in New York, one in New Jersey, and seven in Pennsylvania, Brian Krebs, an independent journalist first reported.

Mark Cautela, a spokesman for the company, told BuzzFeed News that Staples is working with law enforcement to resolve the matter.

"If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis," Cautela said in a statement. "We take the protection of customer information very seriously."

From KrebsonSecurity:

The fraudulent charges occurred at other (non-Staples) businesses, such as supermarkets and other big-box retailers. This suggests that the cash registers in at least some Staples locations may have fallen victim to card-stealing malware that lets thieves create counterfeit copies of cards that customers swipe at compromised payment terminals.

Staples is the latest retailer to face data theft information. Other large retailers, including Home Depot, Kmart, Target, and Neiman Marcus have faced credit card breaches.

Tasneem Nashrulla is a reporter for BuzzFeed News and is based in New York.

Contact Tasneem Nashrulla at tasneem.nashrulla@buzzfeed.com.

Got a confidential tip? Submit it here.

Promoted