By TIME Staff
Staples confirmed on Friday that suspicious cyber activity, first spotted in September, was most likely a malware attack that may have breached 1.16 million credit cards.
A preliminary investigation found evidence of malware installed in the point-of-sales systems at 115 locations. The malware may have given hackers access to cardholder names, credit card numbers and verification codes. The breaches began in late summer and continued until the retailer detected and removed the malware in mid-September.
The company said that affected customers could request free identity protection services and would not be held liable for fraudulent charges.
More Must-Reads From TIME
- Why We're Spending So Much Money Now
- The Fight to Free Evan Gershkovich
- Meet the 2024 Women of the Year
- John Kerry's Next Move
- The Quiet Work Trees Do for the Planet
- Breaker Sunny Choi Is Heading to Paris
- Column: The Internet Made Romantic Betrayal Even More Devastating
- Want Weekly Recs on What to Watch, Read, and More? Sign Up for Worth Your Time
Contact us at letters@time.com