A number of banks from the Northeastern region identified a pattern in fraudulent payment card charges that seem to have Staples Inc. as a common denominator.
The current theory, which was first reported on by Brian Krebs, is that the POS stations were infected with a credit card information-stealing malware. Once the thieves had all the information, they created a duplicate cards with the stolen information. This theory is supported by the fact that the fraudulent charges did not occur at Staples stores. According to the report, altogether, at least 11 Staples stores were hosting the compromised POS stations.
Staples have since contacted the law enforcement and launched an investigation into the matter. Furthermore, Staple’s Senior Public Relations Manager Mark Cautela reassured the Staple’s customer base by stating:
“We take the protection of customer information very seriously, and are working to resolve the situation. If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on [in] a timely basis.”
If you shopped at Staples recently in the the Northeastern area, make sure to check your bank statements and report any issue as soon as possible. Don’t shy away and not report cyberfraud, as do Brits.