Connect with us

Hi, what are you looking for?



Staples Confirms ‘Cybersecurity Risk’ Disrupting Online Stores

Office supply retail giant confirms security incident disrupted online orders, communications channels and customer service lines.

Office supply retail superstore Staples on Friday confirmed some of its IT systems had to be taken offline after a “cybersecurity risk” was identified and partially contained.

The incident, which experts believe is a data-extortion ransomware attack, caused temporary disruption to the processing and delivering capabilities and the company’s communications channels and customer service lines.

The Framingham, Mass. company, which runs a chain of stores throughout the U.S., posted a brief note to its home page acknowledging the incident:

“Staples recently identified a cybersecurity risk. We took proactive steps in an effort to mitigate the impact and protect customer data. Our prompt efforts caused temporary disruption to the processing and delivering capabilities, as well as to our communications channels and customer service lines. 

We apologize for the inconvenience, and rest assured, all of our systems are in the process of being restored. We expect to return to full functionality in short order. Staples stores are open and operating normally.”

Details of the incident remain scarce but security experts say it has all the hallmarks of a company scrambling to reduce the fallout from a cyberattack from a professional ransomware gang.

Related: Ransomware Gang Takes Credit for Disruptive MGM Resorts Cyberattack

Related: Yellen Says Ransomware Attack Minimally Disrupted Treasury Market Trades

Advertisement. Scroll to continue reading.

Related: MGM Resorts Confirms ‘Cybersecurity Issue’, Shuts Down Systems

Related: Windows Zero-Day Exploited in Nokoyawa Ransomware Attacks

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.