Two months after Staples said it was investigating a possible data breach, the office supplies retailer confirmed cyber criminals stole 1.16 million customer’s payment card information.
Data was compromised at 113 stores nationwide for just over a month between mid-August and mid-September, Staples said. At two other stores, the breach may have stretched back to late July.
{mosads}As has become common in retail store data breaches, the hackers got in through the company’s point-of-sale system — essentially the check-out machines.
Although the Staples hack doesn’t come close to the scale of those at Target and Home Depot — which together exposed more than 100 million customer’s payment card information — it does join the ever-growing list of breached major retailers.
The proliferation of breaches has led to much Capitol Hill discussion about possible legislation to codify federal data breach notification rules and minimum data security standards. Despite a number of 2014 hearings on the topic, no proposal came close to passage.
Staples, with more than 1,800 U.S. locations, has about the name number of stores at Target and roughly 400 fewer than Home Depot.