FRAMINGHAM, MA – Framingham Massachusetts based office supply retailer Staples, Inc. has released updated info on the recent data breach involving 1.16 Million customer’s info from its retail point-of-sale systems.
In mid-September 2014, Staples’ data security staff detected criminals had deployed malware to point-of-sale systems at 115 of Staples U.S. retail stores.
Customer data at Staples’ Framingham MA retail store was not involved.
The malware allowed transaction data at affected stores, including cardholder names, payment card numbers, expiration dates, and card verification codes to be stolen by the hackers.
The malware allowed access to this data from approximately July 20, 2014 through September 16, 2014.
Like most other large retailers hit by similar hacks, Staples is offering free identity protection services, including credit monitoring, identity theft insurance, and a free credit report, to customers who used a payment card at any of the affected stores during the relevant time periods.
During the period of time, Staples found fraudulent payment card use related to four stores in Manhattan, New York – but found no malware or suspicious activity related to the payment systems at those stores.
Locally, stores in four Massachusetts towns were hit by the malware including: Shrewsbury, (571 Boston Tpke. ) , Plymouth (131 Samoset St. / Rte. 44), Seekonk (179 Highland Ave.) , and Salem, (17 Paradise Rd.) were affected.
A complete List of Staples’ Stores Hit by Malware can be viewed or downloaded (in PDF format) found here: 2014-STAPLES-Data-Breach-List-of-Stores
Customers who shopped at listed Staples stores between August 10, 2014 September 16, 2014 should review their account statements and notify their card issuers of any suspicious activity.
###