Staples is investigating a possible breach of payment card data and has contacted law enforcement about the matter, making it the latest U.S. retailer to become a possible victim of a cyberattack. The office-supply retailer disclosed the investigation after security reporter Brian Krebs reported on his blog Krebsonsecurity.com that several banks have identified a pattern of payment card fraud suggesting that several Staples stores in northeastern United States had succumbed to a data breach.
Home Depot has confirmed that its payment systems were hacked at its U.S. and Canada stores starting in April. Customers who paid with cards may have had their data compromised. The company says there's no evidence that pin numbers from debit cards were stolen. On Sept. 2, Home Depot said it was working with banks and law enforcement to investigate reports that its stores could have been the source of a new batch of credit and debit card numbers being sold on the black market.
The corporate hacks keep coming. The latest target, according to cybersecurity blogger Brian Krebs, is the beauty supply chain Sally Beauty, a retailer that draws customers from salons and other stylists. A new batch of 282,000 stolen debit and credit cards were posted for sale this week on underground marketplaces, and Krebs believes they have been used at one of Sally Beauty's 2,600 stores. It's the latest scoop from Krebs, who has managed to penetrate the criminal underground to break major stories, including the Target and Neiman Marcus hacks.