Staples, the nation’s largest office supply retailer, said Monday it is investigating a "potential issue" involving credit card data at its stores.
Staples spokesman Mark Cautela said in an email that the retailer has contacted law enforcement to help with its investigation.
"We take the protection of customer information very seriously and are working to resolve the situation," Cautela said in an email. “If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis."
Cybersecurity reporter Brian Krebs reported Monday night that banks have identified a pattern of fraudulent debit card and credit card transactions at a "small number" of Staples stores across the Northeast, including seven locations in Pennsylvania and at least three locations in New York City.
If confirmed, a credit card breach at Staples would mark the latest in a string of cyberattacks against major retailers -- including Target, Neiman Marcus and Home Depot -- over the past year. The breaches compromised 96 million debit cards and credit cards at Target and Home Depot alone, and have prompted retailers to take measures to improve security, such as introducing new technology that protects payment information through encryption.
For the most part, the repercussions for shoppers have been minor, as banks have issued new cards to those affected and reimbursed them for fraudulent charges. But at least some consumers say they have grown wary of shopping at stores that have been attacked.
Nearly half of people -- 45 percent -- who responded to a recent survey by CreditCards.com said they would “definitely not" or "probably not” shop this holiday season at retailers that have acknowledged breaches of customer credit card data.