Staples confirms cyberattack behind service outages, delivery issues

American office supply retailer Staples took down some of its systems earlier this week after a cyberattack to contain the breach's impact and protect customer data. Staples operates 994 stores in the US and Canada, along with 40 fulfillment centers for nationwide product storage and dispatch. The disclosure comes after multiple Reddit reports posted online since Monday reported various Staples internal operation problems, including an inability to access Zendesk, VPN employee portals, print email, use phone lines, and more. There are unconfirmed reports that Staples employees have been instructed to avoid logging into Microsoft 365 using single sign-on and that call center employees have been sent home for two consecutive days. BleepingComputer reached out to Staples asking about the validity of these reports, and the company confirmed that it was forced to take protective action to mitigate what it described as a "Cybersecurity risk." The response measures disrupted Staples' business operations, specifically the backend processing and product delivery. "On November 27, Staples Inc.'s cybersecurity team identified a cybersecurity risk. We took proactive steps in an effort to mitigate the impact and protect customer data," a Staples spokesperson told BleepingComputer. "Our prompt efforts caused temporary disruption to our backend processing and delivering capabilities, as well as our communications channels and customer service lines." Staples stores are currently open and operational, but orders on staples.com may not be processed according to the standard timelines as related systems are still down. "All of our systems are in the process of coming back online, and we expect to return to normal functionality in short order. We may experience slight delays in the interim but expect to ship all orders that have been placed," the spokesperson added. A similar notice was posted on Staples's website, apologizing to visitors for the unexpected outage and promising a quick return to normal operations. BleepingComputer has learned that no ransomware was deployed in the attack, and no files were encrypted. Encryptors are typically the final payload deployed in a ransomware attack. A quick response by Staples, including network and VPN shutdown, may have thwarted the attack before it reached its final stages. In March 2023, Staples-owned distributor Essendant also experienced a multi-day outage that prevented customers and suppliers from placing or fulfilling online orders. Almost three years earlier, in September 2020, the firm suffered a data breach that exposed sensitive customer and order information after hackers exploited a vulnerability on an unpatched VPN endpoint to gain access. Cyberattack on IT provider CTS impacts dozens of UK law firms. Mortgage giant Mr. Cooper says customer data exposed in breach. Mortgage giant Mr. Cooper hit by cyberattack impacting IT systems. Ace Hardware says 1,202 devices were hit during cyberattack.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 20:24:55 +0000


Cyber News related to Staples confirms cyberattack behind service outages, delivery issues

Staples confirms cyberattack behind service outages, delivery issues - American office supply retailer Staples took down some of its systems earlier this week after a cyberattack to contain the breach's impact and protect customer data. Staples operates 994 stores in the US and Canada, along with 40 fulfillment centers ...
11 months ago Bleepingcomputer.com
Nissan is investigating cyberattack and potential data breach - Japanese car maker Nissan is investigating a cyberattack that targeted its systems in Australia and New Zealand, which may have let hackers access personal information. Details of the attack have not been published but the company informed customers ...
11 months ago Bleepingcomputer.com
Staples Confirms 'Cybersecurity Risk' Disrupting Online Stores - Office supply retail superstore Staples on Friday confirmed some of its IT systems had to be taken offline after a "Cybersecurity risk" was identified and partially contained. The incident, which experts believe is a data-extortion ransomware attack, ...
11 months ago Securityweek.com
Capital Health Hospitals hit by cyberattack causing IT outages - Capital Health hospitals and physician offices across New Jersey are experiencing IT outages after a cyberattack hit the non-profit organization's network earlier this week. The healthcare system manages two hospitals, an outpatient facility in ...
11 months ago Bleepingcomputer.com
American Family Insurance confirms cyberattack is behind IT outages - Insurance giant American Family Insurance has confirmed it suffered a cyberattack and shut down portions of its IT systems after customers reported website outages all week. American Family Insurance is an insurance company focusing on commercial and ...
11 months ago Bleepingcomputer.com
Cyberattack on health services provider impacts 5 Canadian hospitals - A cyberattack on shared service provider TransForm has impacted operations in five hospitals in Ontario, Canada, impacting patient care and causing appointments to be rescheduled. TransForm is a not-for-profit, shared service organization founded by ...
11 months ago Bleepingcomputer.com
Mortgage giant Mr. Cooper hit by cyberattack impacting IT systems - U.S. mortgage lending giant Mr. Cooper was breached in a cyberattack that caused the company to shut down IT systems, including access to their online payment portal. Mr. Cooper is a mortgage lending company based out of Dallas, Texas, that employs ...
11 months ago Bleepingcomputer.com
Ohio Lottery hit by cyberattack claimed by DragonForce ransomware - The Ohio Lottery was forced to shut down some key systems after a cyberattack affected an undisclosed number of internal applications on Christmas Eve. While the incident is now under investigation, and the lottery is working to restore all impacted ...
10 months ago Bleepingcomputer.com
Mortgage firm loanDepot cyberattack impacts IT systems, payment portal - U.S. mortgage lender loanDepot has suffered a cyberattack that caused the company to take IT systems offline, preventing online payments against loans. LoanDepot is one of the largest nonbank retail mortgage lenders in the USA, employing ...
10 months ago Bleepingcomputer.com
Title insurance giant First American offline after cyberattack - First American Financial Corporation, the second-largest title insurance company in the United States, took some of its systems offline today to contain the impact of a cyberattack. Its official website was taken offline before this article was ...
10 months ago Bleepingcomputer.com
Ukraine's largest mobile carrier Kyivstar down following cyberattack - Kyivstar, Ukraine's largest telecommunications service provider serving over 25 million mobile and home internet subscribers, has suffered a cyberattack impacting mobile and data services. The official website is offline, but the company informed ...
11 months ago Bleepingcomputer.com
Cloudflare Dashboard and APIs down after data center power outage - An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces customers use to manage and read service configurations. The complete list of services whose ...
11 months ago Bleepingcomputer.com
Understanding Each Link of the Cyberattack Impact Chain - It's often difficult to fully appreciate the impact of a successful cyberattack. Other consequences aren't so obvious - from a loss of customer trust and potential business to stolen data that may surface as part of another cyberattack years later. ...
11 months ago Securityboulevard.com
Box cloud storage down amid 'critical' outage - Cloud storage provider Box is down in a 'critical' outage, preventing customers from accessing their files. The outage started at approximately 9 AM ET, with the company stating that it is a critical outage impacting logins, uploads, downloads, and ...
11 months ago Bleepingcomputer.com
US govt sanctions North Korea's Kimsuky hacking group - The Treasury Department's Office of Foreign Assets Control has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence in support of the country's strategic goals. OFAC has also sanctioned eight North Korean agents for ...
11 months ago Bleepingcomputer.com
Cato Unveils Industry First AI-driven Networking and Security Incident Detection and Response - Cato Networks, the leader in SASE, announced the addition of network incident detection and response tools to the Cato SASE Cloud platform. With Network Stories for Cato XDR, advanced AI algorithms instantly identify outages in customer networks and ...
8 months ago Itsecurityguru.org
Cato Unveils Industry First AI-driven Networking and Security Incident Detection and Response - Cato Networks, the leader in SASE, announced the addition of network incident detection and response tools to the Cato SASE Cloud platform. With Network Stories for Cato XDR, advanced AI algorithms instantly identify outages in customer networks and ...
8 months ago Itsecurityguru.org
Cato Unveils Industry First AI-driven Networking and Security Incident Detection and Response - Cato Networks, the leader in SASE, announced the addition of network incident detection and response tools to the Cato SASE Cloud platform. With Network Stories for Cato XDR, advanced AI algorithms instantly identify outages in customer networks and ...
8 months ago Itsecurityguru.org
Cato Unveils Industry First AI-driven Networking and Security Incident Detection and Response - Cato Networks, the leader in SASE, announced the addition of network incident detection and response tools to the Cato SASE Cloud platform. With Network Stories for Cato XDR, advanced AI algorithms instantly identify outages in customer networks and ...
8 months ago Itsecurityguru.org
Holiday Hackers: How to Safeguard Your Service Desk - Hackers really don't take holidays, but they will take advantage of them. Many of these cyberattacks will zero in on the service or help desk to gain entry into network systems. Recovering accounts because of forgotten passwords is one of the ...
11 months ago Bleepingcomputer.com
Cyberattack knocks out Pensacola city government phone lines - The city government of Pensacola, Florida, is dealing with widespread phone outages due to a cyberattack announced over the weekend. City spokesperson Jason Wheeler told Recorded Future News that officials are experiencing phone issues across city ...
8 months ago Therecord.media
DevSecOps: Definition, Benefits and Best Practices - DevSecOps is an approach that focuses on the alignment of the three core pillars of DevOps — Development, Operations, and Security. It’s a combination of processes, tools and practices designed to enable organizations to adopt innovative and ...
1 year ago Heimdalsecurity.com
US mortgage lender loanDepot confirms ransomware attack - Leading U.S. mortgage lender loanDepot confirmed today that a cyber incident disclosed over the weekend was a ransomware attack that led to data encryption. LoanDepot is a major nonbank mortgage lender in the United States, with over $140 billion in ...
10 months ago Bleepingcomputer.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Long Beach, California turns off IT systems after cyberattack - The Californian City of Long Beach is warning that they suffered a cyberattack on Tuesday that has led them to shut down portions of their IT network to prevent the attack's spread. Long Beach is the home to approximately 460,000 people and is the ...
11 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)