In what could be the latest data breach to strike U.S. retailers, Staples Inc. said it is investigating “a potential issue involving credit card data.”
The office supply chain, based in Framingham, Mass., said Tuesday it has contacted law enforcement and is “working to resolve the situation.”
“If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis,” Staples spokesman Mark Cautela said in a statement.
The company’s statement follows a report from security journalist Brian Krebs that hackers likely stole customer card data from a handful of stores in the Northeastern United States.
Data breaches have hit several large U.S. retailers recently, including Target Corp., Neiman Marcus and Home Depot.
Unlike those massive breaches, the possible Staples hack appears limited in scope.
Krebs, citing unnamed sources at East Coast banks, reported that the possible theft occurred at a “subset of Staples locations, including seven Staples stores in Pennsylvania, at least three in New York City, and another in New Jersey.”
The company has nearly 1,500 stores nationwide.
Staples shares were down 2 cents, or 0.16%, to $12.28 in early afternoon trading on Wall Street.
Follow me on Twitter: @khouriandrew