On Monday afternoon,
Brian Krebs first reported the potential breach at Staples. According to Krebs, fraud patterns observed by several banks suggest that some Staples stores in the Northeast have been hit with a data breach--including "seven Staples stores in Pennsylvania, at least three in New York City, and another in New Jersey." While Staples has stores around the nation, there is not yet evidence that the breach extends outside the Northeast, according to Krebs' sources at different banks.
Staples has confirmed that it is investigating a potential breach, but has not commented beyond a short statement. "Staples is in the process of investigating a potential issue involving credit card data and has contacted law enforcement," said Staples Senior Public Relations Manager Mark Cautela. "We take the protection of customer information very seriously, and are working to resolve the situation. If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis."
From massive breaches at Home Depot and Target to smaller breaches as a variety of retailers and food chains, many credit card breaches at retailers happen as a result of malware attached to card payment terminals, which allows hackers to steal credit card numbers upon swiping.
But the days of swiping credit cards may be coming to an end. Mobile payment systems like Apple Pay and