Staples discloses data breach exposing customer order data

Pierluigi Paganini September 14, 2020

Giant office retail company Staples disclosed a data breach, threat actors accessed some of its customers’ order data.

Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization.

The office retail giant sent out a data breach notification letter to the impacted customers, the incident took place around September 2.

The popular security expert Troy Hunt, who runs the data breach notification service HaveIBeenPwned published on Twitter the incident notice sent out by the company to its customers.

According to the notification, no sensitive data was exposed and an unauthorized party only accessed a limited amount of order data for customers of

Staples revealed that exposed order data includes customers’ names, addresses, email addresses, phone numbers, last four credit card digits, cost of the products, delivery and product ordered.

The data accessed by the hackers did not include account credentials and full payment card data.

Exposed data could be abused by threat actors to carry out malicious activities, including identity theft and phone call scams.

Customers that received the data breach notification could contact the company by phone for any questions or concerns.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Staples)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment