BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

Staples Investigates Potential Data Breach In The Northeast

This article is more than 9 years old.

On Monday afternoon, Staples announced that the Staples App would now support Apple Pay-- Apple's new mobile payment system that some say will eventually make credit cards obsolete. Just a few hours later, Staples confirmed that the retailer is investigating a potential credit and debit card breach at some locations.  This news comes just over a week since Kmart joined a long line of retailers who have suffered credit card breaches this year.

Brian Krebs first reported the potential breach at Staples. According to Krebs, fraud patterns observed by several banks suggest that some Staples stores in the Northeast have been hit with a data breach--including "seven Staples stores in Pennsylvania, at least three in New York City, and another in New Jersey." While Staples has stores around the nation, there is not yet evidence that the breach extends outside the Northeast, according to Krebs' sources at different banks.

Staples has confirmed that it is investigating a potential breach, but has not commented beyond a short statement. "Staples is in the process of investigating a potential issue involving credit card data and has contacted law enforcement," said Staples Senior Public Relations Manager Mark Cautela. "We take the protection of customer information very seriously, and are working to resolve the situation. If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis."

From massive breaches at Home Depot and Target to smaller breaches as a variety of retailers and food chains, many credit card breaches at retailers happen as a result of malware attached to card payment terminals, which allows hackers to steal credit card numbers upon swiping.

But the days of swiping credit cards may be coming to an end. Mobile payment systems like Apple Pay and Google Wallet are removing the need for a physical credit card when making payments in stores. And even without mobile payments, card swiping may begin to be obsolete in the United States in as little as a year's time thanks to new EMV chip-and-PIN card technology. The rest of the world has already largely implemented chip payment cards, which contain a microchip and are inserted into a slot rather than swiped, but the United States has lagged behind while bearing the brunt of world's credit card fraud. By October 2015, retailers in the United States will have start using EMV cards or be personally held financially liable for any credit card fraud--a burden that currently falls on banks.

Follow me on Twitter or LinkedInSend me a secure tip