NEW YORK (Reuters) – Staples Inc is investigating a possible breach of payment card data and has contacted law enforcement about the matter, making it the latest US retailer to become a possible victim of a cyberattack.
“Staples is in the process of investigating a potential issue involving credit card data and has contacted law enforcement,” company spokesman Mark Cautela said in a statement late Monday.
The office-supply retailer disclosed the investigation after security reporter Brian Krebs reported on his blog Krebsonsecurity.com that several banks have identified a pattern of payment card fraud suggesting that several Staples stores in northeastern United States had succumbed to a data breach. “We take the protection of customer information very seriously, and are working to resolve the situation,” Cautela said.
“If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis.”
Staples did not provide additional details of the data breach. Earlier this month, Sears Holdings Corp said it was the victim of a cyberattack that likely resulted in the theft of some customer payment cards at its Kmart stores. Restaurant chain Dairy Queen, owned by Berkshire Hathaway Inc, also said that it may have compromised payment card information of customers across 46 US states.