By TIME Staff
Staples confirmed on Friday that suspicious cyber activity, first spotted in September, was most likely a malware attack that may have breached 1.16 million credit cards.
A preliminary investigation found evidence of malware installed in the point-of-sales systems at 115 locations. The malware may have given hackers access to cardholder names, credit card numbers and verification codes. The breaches began in late summer and continued until the retailer detected and removed the malware in mid-September.
The company said that affected customers could request free identity protection services and would not be held liable for fraudulent charges.
More Must-Reads from TIME
- Why Trump’s Message Worked on Latino Men
- What Trump’s Win Could Mean for Housing
- The 100 Must-Read Books of 2024
- Sleep Doctors Share the 1 Tip That’s Changed Their Lives
- Column: Let’s Bring Back Romance
- What It’s Like to Have Long COVID As a Kid
- FX’s Say Nothing Is the Must-Watch Political Thriller of 2024
- Merle Bombardieri Is Helping People Make the Baby Decision
Contact us at letters@time.com