SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Staples Confirms ‘Cybersecurity Risk’ Disrupting Online Stores

Office supply retail giant confirms security incident disrupted online orders, communications channels and customer service lines.

Office supply retail superstore Staples on Friday confirmed some of its IT systems had to be taken offline after a “cybersecurity risk” was identified and partially contained.

The incident, which experts believe is a data-extortion ransomware attack, caused temporary disruption to the staples.com processing and delivering capabilities and the company’s communications channels and customer service lines.

The Framingham, Mass. company, which runs a chain of stores throughout the U.S., posted a brief note to its home page acknowledging the incident:

“Staples recently identified a cybersecurity risk. We took proactive steps in an effort to mitigate the impact and protect customer data. Our prompt efforts caused temporary disruption to the staples.com processing and delivering capabilities, as well as to our communications channels and customer service lines. 

We apologize for the inconvenience, and rest assured, all of our systems are in the process of being restored. We expect to return to full functionality in short order. Staples stores are open and operating normally.”

Details of the incident remain scarce but security experts say it has all the hallmarks of a company scrambling to reduce the fallout from a cyberattack from a professional ransomware gang.

Related: Ransomware Gang Takes Credit for Disruptive MGM Resorts Cyberattack

Related: Yellen Says Ransomware Attack Minimally Disrupted Treasury Market Trades

Advertisement. Scroll to continue reading.

Related: MGM Resorts Confirms ‘Cybersecurity Issue’, Shuts Down Systems

Related: Windows Zero-Day Exploited in Nokoyawa Ransomware Attacks

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks
March 12, 2025

Join this in-depth briefing on how to protect executives and the enterprises they lead from the growing convergence of digital, narrative, and physical attacks.

Register

Webinar: Which Security Testing Approach is Right for You?
March 25, 2025

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Life360 has appointed Vari Bindra, former Amazon cybersecurity lead, as Chief Information Security Officer.

Forcepoint has appointed Guy Shamilov as CISO, Bakshi Kohli as CTO and Naveen Palavalli as CPO and CMO.

Paul Calatayud has been named CISO of developer security posture management firm Archipelo.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.