Staples says hack may have compromised 1 million-plus payment cards
The data breach at the Staples office-supply chain may have affected roughly 1.16 million payment cards as criminals deployed malware to point-of-sale systems at 115 stores, the company said Friday.
The affected stores cover 35 states from California to Connecticut, according to a list Staples released Friday. The chain has more than 1,400 stores in the U.S.
The malware, which allowed the theft of debit and credit card data, was removed in mid-September upon detection, Staples said. The retailer had previously confirmed the incident in October. A previous report from security researcher Brian Krebs around that time cited fraudulent transactions traced to cards that were used for purchases at Staples stores in the Northeastern U.S., but apparently the attack was much wider than that.