"Staples didn't identify the attackers but said the malware got into its point-of-sale systems, which include the cash registers and terminals that handle credit card and debit card transactions. The company said it believes the hackers may have got access to shoppers’ names, card numbers, expiration dates and card verification codes," the Wall Street Journal reported.
Do you shop at Staples? Here is the full list of 115 stores infected by credit-card stealing hackers. http://t.co/CwkUt7Sgh3— Dennis K. Berman (@dkberman) 19 декабря 2014
Almost 115 stores of the supply chain were infected by the malware and perpetrators gained access to customers’ data from August 10 through September 16, 2014. Staples announced that it was also informed of fraudulent payment card use in four stores in Manhattan, New York, from April through September 2014, although the POS systems of the stores had not been infected.
The Wall Street Journal notes that the list of hacked retailers also includes Neiman Marcus Group, restaurant chain P.F. Chang's China Bistro Inc., and Goodwill Industries International Inc. stores.
"Typically, customers are not responsible for any fraudulent charges on their credit cards that are reported in a timely fashion," the statement says.
Assuring customers that the company is "committed to protecting customer data," Staples informs it has improved the security of its point-of-sale systems.