Breach, Data Security

Roughly 1.16 million payment cards may have been affected in Staples breach

Staples announced on Friday that malware infected its point-of-sale systems at 115 of its 1,400 U.S. retail stores, possibly affecting roughly 1.16 million payment cards.

Affected data includes cardholder names, payment card numbers, expiration dates and card verification codes, according to the release, which adds that Staples has taken steps to eradicate the malware.

Various locations were affected in Alabama, Arizona, California, Connecticut, Delaware, Florida, Georgia, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Maine, Maryland, Massachusetts, Michigan, Missouri, Montana, New Jersey, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, South Carolina, Tennessee, Texas, Vermont, Virginia, Washington, West Virginia and Wyoming.

Most stores were affected from Aug. 10 to Sept. 16, although the dates vary, according to a list of impacted locations.

Staples is offering free identity protection and credit monitoring services to customers who used cards at affected locations.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.