Staples Inc., the worlds largest office-supply chain, is investigating a potential breach of customer credit-card data, becoming the latest retailer to confront a threat from hackers in recent months.
Staples has contacted law enforcement authorities and is working to resolve the matter, according to Mark Cautela, a spokesman for the Framingham, Massachusetts-based company.
If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis, he said in an e-mail.
The potential data theft adds to a wave of breaches at companies such as Home Depot Inc., Target Corp., Sears Holdings Corp.s Kmart chain and Neiman Marcus Group Ltd. that have put pressure on retailers to bolster security. The Staples incident, reported earlier by independent journalist Brian Krebs, may involve the theft of card information from Staples locations in the Northeast.
At least three stores in New York, seven in Pennsylvania and one in New Jersey may have been targeted, according to unidentified officials at banks in the East Coast cited by Krebs, who investigates hacker attacks. The fraudulent charges occurred at other businesses such as supermarkets, indicating that cash registers in at least some store locations may have fallen victim to card-stealing malware, Krebs reported yesterday.
The data-breach probe comes as Staples grapples with a broader retail slump and increased competition from online rivals. In August, the company announced it will shut about 140 locations this year as part of a plan to streamline its operations.