• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Technologous - Managed IT Solutions Bryan/College Station

  • Home
  • About
    • Areas We Serve
    • Our Leadership
      • Chris Dawson
      • Ian Soares
  • IT Services
    • Managed IT
    • Support IT
    • Cloud IT
  • Blog
  • Request a Consultation
  • Contact
You are here: Home / Blog / Staples Exposed Customer Data

Staples Exposed Customer Data

Staples Exposed Customer Data

Staples expose customer data when customers went to review their current and past online orders.

Staples’ order tracking portal allows you to enter your zip code and order number to track your package, but the order numbers are sequential. So starting with a customers’ order number, a hacker could access the route of a package to the city and state, which would give them a shortlist of possible zip codes. Trial and error would do the rest, and the hacker would end up with your name, address, and at least some information about how you paid for the purchase, but not exposing your card information.

Staples has fixed the exposure of customer data and stressing there is no evidence that third parties are accessing any data and no detection of unauthorized purchases to this point.

However, a recent tweet gave the hacking speculations teeth from the threat intelligence company Bad Packets revealing that Staples was slow to patch a number of their Pulse Secure VPN servers, vulnerable to CVE-2019-11510.

Although the company has neither confirmed nor denied the claim made by Bad Packets, the company outlined an all too plausible way that a hacker could have accessed order data, including the order’s shipping address.

In any case, it’s all speculation with a fix to the issue. 

Out of an abundance of caution, if you are a Staples customer, keep a watchful eye out on the payment card you use to make purchases from the company, and track your existing orders more closely to ensure you get everything on your order.

September 28, 2020 Filed Under: Blog Tagged With: Staples Data Breach

Primary Sidebar

GET OUR BLOG IN YOUR EMAIL!

Archives

  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • April 2020
  • March 2020
  • February 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • August 2018

Tags

adobe android App Apple attack Attacks Breach Browser Chrome Compromised Credit Card Dark Web Data Database Data Breach Email Facebook gmail Google government hacker Hackers information Internet iOS iPhone malware Microsoft Microsoft Windows 10 office 365 Password Passwords patch Phishing ransomeware Ransomware Scam security Social Media Update Vulnerability Vulnerable Wifi Windows Windows 10

Footer

Contact Us

Address: 3091 University Drive, Unit 210, Bryan, Texas 77802
Phone: 979-217-1226

Our Blog

  • Resolution for Windows 10 Drawing Apps November 24, 2020
  • Older Android Phones May Have Site Loading Issues In 2021 November 23, 2020
  • Apple’s Update for Zero-Day November 20, 2020
  • Luxottica Patient Information Breached November 20, 2020
  • Verizon Ends Yahoo Email Forwarding November 19, 2020

Search

Follow Us

  • Facebook
  • Home
  • About
  • Resources
  • Contact
  • Our Leadership
  • Why Choose Us?
  • IT Services
  • Request a Consultation

Copyright © 2021| All Rights Reserved | Powered By Technologous, LLC | Log in