By TIME Staff
Staples confirmed on Friday that suspicious cyber activity, first spotted in September, was most likely a malware attack that may have breached 1.16 million credit cards.
A preliminary investigation found evidence of malware installed in the point-of-sales systems at 115 locations. The malware may have given hackers access to cardholder names, credit card numbers and verification codes. The breaches began in late summer and continued until the retailer detected and removed the malware in mid-September.
The company said that affected customers could request free identity protection services and would not be held liable for fraudulent charges.
More Must-Reads from TIME
- Your Vote Is Safe
- The Best Inventions of 2024
- How the Electoral College Actually Works
- Robert Zemeckis Just Wants to Move You
- Column: Fear and Hoping in Ohio
- How to Break 8 Toxic Communication Habits
- Why Vinegar Is So Good for You
- Meet TIME's Newest Class of Next Generation Leaders
Contact us at letters@time.com