Skip to main content

Staples May Be the Latest Target in String of Credit Card Hacks - The Boston Globe

October 23, 2014

Staples May Be the Latest Target in String of Credit Card Hacks - The Boston Globe

The Boston Globe, By Jack Newsham

With breaches of personal and financial data becoming a seemingly routine occurrence, another major retailer is looking into a possible hacking attack: Staples Inc.

The Framingham-based office-supply company disclosed Tuesday that it is investigating “a potential issue involving credit card data,” but did not release additional details.

On Monday, Brian Krebs, who writes a widely followed blog on cybercrime, reported that the attack on Staples initially appeared to be confined to several stores in Pennsylvania, New York, and New Jersey.

If the breach is confirmed, Staples would be the latest of many consumer brands that have fallen prey to hackers. Since retailer Target Corp. was hacked in late 2013, hundreds of millions of credit card records and personal records, such as names and phone numbers, have been stolen from sandwich shops, grocery stores, and financial institutions — affecting as many as 6 out of 10 Americans, according to Chester Wisniewski, a senior security analyst at the antivirus company Sophos.

“We’re not even a year out from Target and there’s been 15 or 20 major American brands breached,” said Wisniewski. “If you process cards, you definitely have a target on your back.”

Throughout 2014, consumers have been rocked by a steady drumbeat of large-scale hacking attacks. In September, Home Depot, the home-improvement supplier with 2,200 stores across the United States, said that some 56 million customers had their payment card data stolen over a five-month period.

That same month, sandwich chain Jimmy John’s said customers at 216 of its restaurants may have had their card information exposed.

In October, financial giant JPMorgan Chase & Co. said that contact information, such as phone numbers and e-mail addresses for 83 million account holders had been taken. However, the bank said thieves did not obtain even more sensitive data, such as Social Security numbers or log-in credentials of its customers.

News reports of the JPMorgan Chase attack suggested that nine other banks were also targeted. And on Oct. 10, Illinois-based retailer Kmart said an undetermined amount of credit and debit card information was stolen by hackers.

In Massachusetts, companies reported 1,821 instances of data theft in 2013, but many of those were banks reporting individual cardholders, according to Jayda Leder-Luis, a spokeswoman for the state’s Office of Consumer Affairs and Business Regulation.

Dennis Fisher, the Boston-based editor of the Threatpost news service published by computer security firm Kaspersky Lab, said electronic payment systems have multiple points that hackers can attack. Read more.

Staples May Be the Latest Target in String of Credit Card Hacks - The Boston Globe

Staples May Be the Latest Target in String of Credit Card Hacks - The Boston Globe
Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company’s comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and nearly 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases