With every passing week, there is a new reminder that retailers and their systems are under the constant threat of attack. Now Staples (NYSE:SPLS) is the latest retailer to suffer. The office-supply chain announced it is investigating a possible breach, and that it has contacted law enforcement and informed the public.
"Staples is in the process of investigating a potential issue involving credit card data and has contacted law enforcement," Mark Cautela, Staples' senior public relations manager, said in a statement late Monday. "We take the protection of customer information very seriously, and are working to resolve the situation."
The investigation was disclosed after cyber-security reporter Brian Krebs reported that several Staples stores in the northeast region had been compromised.
Sources at more than a half-dozen banks operating on the East Coast told Krebs that customer credit card data looks to have been stolen from several Staples locations "including seven Staples stores in Pennsylvania, at least three in New York City, and another in New Jersey."
The list of compromised retailers is long: Target (NYSE:TGT), Michaels, Sally Beauty, P.F. Changs, Home Depot (NYSE:HD), Supervalu and now Staples. Retailers have begun converting to chip-and-PIN, or EMV card technology, ahead of the October 2015 deadline, but still the breaches continue.
Security specialists and consultants tell FierceRetailIT that cyber attacks will not only continue, but are likely to increase in frequency ahead of EMV's implementation, as hackers step up efforts before tighter security is in place. And in spite of a steady stream of security breaches, retailers continue to be largely unprepared.
- See this Reuters article
- See this Krebs On Security blog post
Supervalu becomes latest data breach victim
Supervalu's future lies in wholesale
Home Depot breach affects 56M debit, credit cards
Target breach cost $148 million; tech hub opens in Silicon Valley
Retailers still unprepared for security breaches