Over two months after announcing it was investigating a “potential” issue involving customers’ credit card data, Staples finally announced on December 19, 2014 that over 1 million customer payment cards may have been compromised by a data breach that affected payment systems in more than 100 stores throughout the U.S. Staples said it detected malware at 113 stores that may have allowed access to customer data between Aug. 10, 2014, and Sept. 16, 2014. In two stores, located in Jersey City, New Jersey, and Springfield, Pennsylvania, the malware was present on Staples payment systems for even longer, allowing access to purchase data as far back as July 20, the company said.
If you shopped at a Staples retail store July 20, 2014 and September 16, 2014 and believe that your private financial information has been compromised, please contact a GSP attorney to learn more about your rights. GSP attorneys are actively litigating a similar matter against Target, where litigation is proceeding in federal court in Minnesota. Please contact Brian Penny, Mark Goldman or Paul Scarlato with any questions you may have.