Staples said last week that nearly 1.2 million of its customers’ credit and debit cards may have been compromised, thanks to a security breach that impacted 119 stores between April and September 2014.
Security blogger Brian Krebs first reported on the breach at the end of October after multiple banks connected a number of fraudulent transactions to cards that had been used at Staples locations in the Northeastern United States. At the time, Staples would only confirm that it was looking into a potential incident.
Now the retailer has admitted that point-of-sale systems at 115 of its stores were infected with malware that may have compromised cardholder names, payment card numbers, expiration dates and card verification codes. Staples also received reports of fraudulent payment card use at four other stores in New York between April and September, though an investigation found no malware or suspicious activity on its point-of-sale systems at these locations.
Staples claims to have eradicated the malware and enhanced its security. It also said it worked with outside security experts, as well as law enforcement and payment card companies to resolve the matter.
According to a report by Russian and Dutch security researchers, the criminals who breached Staples
also hit 15 other retailers and have stolen approximately $25 million from banks
. The group, which is believed to be Russian and Ukrainian, has hacked more than 50 Russian banks since early 2013, stealing more than 1bn roubles. Most of the attacks occurred in the last six months.
Sibos 2017 Day Two highlights: Brexit and banking, and why ‘data is the new oil’ in financial services
How nation first politics can impact global financial organisations It’s clear that data and regulation are the two key topics that are ... read more
On day one of SIBOS, panellists unanimously agreed that doing nothing to modernise payments was no longer safe bet for transaction banking.
On day one of Sibos 2017, Stefan Dab, The Boston Consulting Group led a conversation examining the future of correspondent banking, and specifically the pain points corporate treasurers face in their cross-border payments operations and where technology can be developed to alleviate these.
Rising interest rates, excitement around blockchain use cases and cross-border payments were all hot topics at this year's AFP conference in San Deigo.