Breach, Data Security

Staples incident possibly connected to Michaels breach, report indicates

Citing an unnamed source close to the investigation, technology journalist Brian Krebs reported on Monday that malware found in Staples stores was observed to be communicating with command-and-control networks used by attackers in the Michaels payment card breach.

Staples said in October that it is investigating a potential issue involving credit card data, shortly after Krebs reported on a pattern of credit and debit card fraud being linked to the office supplies retailer.

Mark Cautela, a Staples spokesperson, told Krebs in a statement that malware used in the intrusion is believed to have been eradicated, but an investigation is still ongoing into whether or not transaction data has been compromised.

Michaels confirmed in April that malware compromised point-of-sale systems, impacting about 2.6 million payment cards from Michaels outlets, and about 400,000 payment cards from Aarons Brothers stores, a Michaels subsidiary.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.