Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization.
The office retail giant sent out a data breach notification letter to the impacted customers, the incident took place around September 2.
The popular security expert Troy Hunt, who runs the data breach notification service HaveIBeenPwned published on Twitter the incident notice sent out by the company to its customers.
According to the notification, no sensitive data was exposed and an unauthorized party only accessed a limited amount of order data for customers of Staples.com.
Staples revealed that exposed order data includes customers’ names, addresses, email addresses, phone numbers, last four credit card digits, cost of the products, delivery and product ordered.
The data accessed by the hackers did not include account credentials and full payment card data.
Exposed data could be abused by threat actors to carry out malicious activities, including identity theft and phone call scams.
Customers that received the data breach notification could contact the company by phone for any questions or concerns.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Staples)
[adrotate banner=”5″]
[adrotate banner=”13″]
Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and…
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL…
A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial…
Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code…
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations.…
This website uses cookies.