Staples, a global office supply chain store based in the US, confirmed that the September malware attack on its point of sale systems might have breached data of 1.16 million credit cards.
The attack, in which hackers placed malware on the store’s POS across the country, affected 115 among its 1,400 US stores, spanning from New York to California.
The company will offer free identity protection services, including credit monitoring, identity theft insurance and a free credit report to victims who used their cards at the attacked stores during the specific time periods.
Staples said in a statement: "Typically, customers are not responsible for any fraudulent charges on their credit cards that are reported in a timely fashion. Staples customers who shopped at the affected stores during the relevant time periods should review their account statements and notify their card issuers of any suspicious activity."