Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization.
The office retail giant sent out a data breach notification letter to the impacted customers, the incident took place around September 2.
According to the notification, no sensitive data was exposed and an unauthorized party only accessed a limited amount of order data for customers of Staples.com.
Staples revealed that exposed order data includes customers’ names, addresses, email addresses, phone numbers, last four credit card digits, cost of the products, delivery and product ordered.
The data accessed by the hackers did not include account credentials and full payment card data.
Exposed data could be abused by threat actors to carry out malicious activities, including identity theft and phone call scams.
Customers that received the data breach notification could contact the company by phone for any questions or concerns.
(SecurityAffairs – hacking, Staples)