Staples, the world's largest office-supply chain, is investigating a potential credit card breach at several Northeast locations, Bloomberg reported.
Customers' credit card information may have been stolen from several Staples stores including at least three in New York, one in New Jersey, and seven in Pennsylvania, Brian Krebs, an independent journalist first reported.
Mark Cautela, a spokesman for the company, told BuzzFeed News that Staples is working with law enforcement to resolve the matter.
"If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis," Cautela said in a statement. "We take the protection of customer information very seriously."
The fraudulent charges occurred at other (non-Staples) businesses, such as supermarkets and other big-box retailers. This suggests that the cash registers in at least some Staples locations may have fallen victim to card-stealing malware that lets thieves create counterfeit copies of cards that customers swipe at compromised payment terminals.
Tasneem Nashrulla is a reporter for BuzzFeed News and is based in New York.
Contact Tasneem Nashrulla at email@example.com.
Got a confidential tip? Submit it here.