News September 15, 2020
Staples Inc. Data Breach Didn’t Affect Promo Side
Hackers accessed limited customer information on fewer than 2,500 orders from Staples.com.
Staples Promotional Products (asi/120601), a top five distributor in the North American promotional products industry, was not affected by a recent data breach at Staples.com, the online retail store of the firm’s parent company Staples Inc.
Meredith Schwenk, Staples Inc.’s director of corporate communications, told Counselor that information from fewer than 2,500 orders was affected. The unauthorized access of “non-sensitive customer order data … did not impact Staples Promotional Products,” Schwenk said.
Staples Inc. CEO Sandy Douglas sent affected customers a letter that said the breach might have exposed information like the customer’s name, address, email, phone number and last four digits of the credit/debit card used, as well as information about the cost, delivery and product ordered.
“It did not include your account credentials or full payment card number, and there is no indication that it resulted in any purchases being made on your behalf,” Douglas said in the letter.
Schwenk said Staples. Inc. quickly investigated the breach and took swift steps to remedy the situation. “The company takes the protection of its customers’ data seriously,” she said.
With estimated 2019 North American promotional product revenue of $601.6 million, Overland Park, KS-based Staples Promotional Products ranked third on Counselor’s most recent list of the largest distributors in the industry.