What happened?

Staples, Inc, the world’s largest office supply chain, is investigating a potential data breach of customer payment card information.

Independent security expert, Brian Krebs, was first to publicize his initial suspicions after receiving evidence from more than a half-dozen financial institutions:

“Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach.”

Staples acknowledges that consumer payment card data may have been exposed. They have since contacted law enforcement authorities and are working with them to resolve the matter.

Currently, the attack appears centralized in select stores in Pennsylvania, New York and New Jersey. Given that Staples owns nearly 2,000 retail locations, this breach has the potential to become disastrous. The company is hopeful that the full extent of the breach will be understood in the upcoming days.

The breach comes just days after Staples announced its smartphone app would now support Apple Pay, a new payment method developed with the primary purpose of increasing security.

What should you do?

Customers who used their payment card at Staples — especially in the Northeast U.S. — should take the following precautionary measures immediately:

  1. Monitor your bank statements for unusual transactions
  2. Check your credit report
  3. Report any unusual activity; remember, credit card companies will not hold customers liable for fraudulent charges as long as they are reported quickly
  4. Contact your financial institution to set up email or text alerts for your credit or debit cards
  5. Stay up-to-date with new fraud and identity theft developments