Banks record illegal charges on Staples shoppers' cards

Oct 21, 2014 07:27 GMT  ·  By

Fraudulent activity has been recorded on cards belonging to customers making purchases at several Staples stores, sparkling an investigation of the office supply retailer in order to determine whether its payment systems have been compromised by cybercriminals.

Multiple banks recorded illegal transactions from cards that have been previously used at a small number of Staples locations in Northeastern US.

Company investigates possible breach incident

It appears that the crooks created fake cards with the data extracted from Staples’ payment processing systems and acquired goods from different other businesses, such as supermarkets and mega stores, according to information received by security blogger Brian Krebs from the financial institutions.

He also learned that at least 11 locations of the office supply retailer may have been compromised: seven in Pennsylvania, three in New York City and one in New Jersey.

The entire chain has more than 2,000 stores across the world, most of them being based in the United States. The company sells its products both online and in brick-and-mortar locations, providing office machines, furniture, technology and business services.

An intrusion has not been confirmed by the representatives of the company yet, but Mark Cautela, Staples’ Senior Public Relations Manager, has told Krebs that an investigation has been initiated and law enforcement authorities have been contacted.

Moreover, Cautela stresses the fact that should traces of an intrusion be detected, customers would not be held liable for the fraudulent charges, if reported on a timely basis.

Retailers need to take action and revise system security approach

Staples may be the next large retailer to confirm that their payment systems have been compromised, exposing credit and debit card data of its customers to cybercriminals.

Recently, Dairy Queen, Kmart, Supervalu, Jimmy John’s, and Home Depot have all been impacted by such incidents.

In July, more than 330 GoodWill stores were affected by a similar event.

In most cases, the businesses were impacted because of an intrusion on a third-party’s systems that processed card transactions.

After scanning the Internet for systems with remote desktop software installed, cybercriminals steal the login credentials and collect details of transactions processed by the retailers.

“This breach at Staples is another example of how persistent attackers were able to successfully plant their attack tool. Enterprises are now coming to a conclusion that they are either already compromised, or will soon be. It's not a matter of ‘if’, it's a matter of ‘when’.”

“The breach shows the necessity of moving from trying to prevent an attack to try and detect and respond as quickly as possible,” said Aviv Raff, CTO at Seculert, about the incident.