IE 11 is not supported. For an optimal experience visit our site on another browser.

Staples Data Breach May Have Affected More Than 1 Million Customer Cards

The hack involving point-of-sale systems at 115 of the company's 1,400 stores was announced in October.

Staples Inc. said Friday that a data security breach discovered in October may have exposed information on about 1.16 million payment cards. Hackers deployed malware to some point-of-sale systems in 115 of the office supply company's 1,400 stores. Staples said it has since eradicated the malware and hired outside experts to investigate. “Based on its investigation, Staples believes that malware may have allowed access to some transaction data at affected stores, including cardholder names, payment card numbers, expiration dates, and card verification codes,” the company said in a statement.

Staples said it received reports of fraudulent payment card use at four stores in Manhattan from April through September. However, the investigation found no malware or suspicious activity related to the payment systems at those stores, Staples said. You can find a list of affected stores and dates here. The company is offering free identity protection services — including credit monitoring, identity theft insurance a free credit report — to customers who might be at risk.


— Reuters and NBC News staff