Giant office retail company Staples disclosed a data breach, threat actors accessed some of its customers’ order data.
Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization.
The office retail giant sent out a data breach notification letter to the impacted customers, the incident took place around September 2.
The popular security expert Troy Hunt, who runs the data breach notification service HaveIBeenPwned published on Twitter the incident notice sent out by the company to its customers.
Data breach at @Staples pic.twitter.com/gvLndAJV2P
— Troy Hunt (@troyhunt) September 14, 2020
According to the notification, no sensitive data was exposed and an unauthorized party only accessed a limited amount of order data for customers of Staples.com.
Staples revealed that exposed order data includes customers’ names, addresses, email addresses, phone numbers, last four credit card digits, cost of the products, delivery and product ordered.
The data accessed by the hackers did not include account credentials and full payment card data.
Exposed data could be abused by threat actors to carry out malicious activities, including identity theft and phone call scams.
Customers that received the data breach notification could contact the company by phone for any questions or concerns.
(SecurityAffairs – hacking, Staples)
Share On
Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at “Cyber Defense Magazine”, Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog “Security Affairs” recently named a Top National Security Resource for US. Pierluigi is a member of the “The Hacker News” team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books “The Deep Dark Web” and “Digital Virtual Currency and Bitcoin”.
Giant office retail company Staples disclosed a data breach, threat actors accessed some of its customers’ order data.
Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization.
The office retail giant sent out a data breach notification letter to the impacted customers, the incident took place around September 2.
The popular security expert Troy Hunt, who runs the data breach notification service HaveIBeenPwned published on Twitter the incident notice sent out by the company to its customers.
Data breach at @Staples pic.twitter.com/gvLndAJV2P
— Troy Hunt (@troyhunt) September 14, 2020
According to the notification, no sensitive data was exposed and an unauthorized party only accessed a limited amount of order data for customers of Staples.com.
Staples revealed that exposed order data includes customers’ names, addresses, email addresses, phone numbers, last four credit card digits, cost of the products, delivery and product ordered.
The data accessed by the hackers did not include account credentials and full payment card data.
Exposed data could be abused by threat actors to carry out malicious activities, including identity theft and phone call scams.
Customers that received the data breach notification could contact the company by phone for any questions or concerns.
(SecurityAffairs – hacking, Staples)