Staples Stores Business Disrupted from Cybersecurity Incident

Staples had to take some of its order processing and product delivery systems offline to protect its network and its customer data from an unnamed “cybersecurity risk.”

Staples is an office supply retail chain operating nearly a thousand stores and forty warehouses in the U.S. and Canada. The company employs over 75,000 people and has an annual revenue that surpasses $14 billion.

Issues with the operation of Staple stores first became apparent on Monday. Two days ago, users claiming to have relations to Staples employees reported on Reddit that they learned about a security risk that had unfolded on the company’s systems. Reportedly, employees were told to avoid using single sign-on (SSO) on their Microsoft accounts and were also advised not to accept any calls, even from internal numbers.

RestorePrivacy contacted Staples for a comment on their status, and we have received a confirmation they are mitigating a cybersecurity incident. The full statement of the Staples spokesperson can be found below.

“On November 27, Staples Inc.’s cybersecurity team identified a cybersecurity risk. We took proactive steps in an effort to mitigate the impact and protect customer data. Our prompt efforts caused temporary disruption to our backend processing and delivering capabilities, as well as our communications channels and customer service lines.”

“All of our systems are in the process of coming back online and we expect to return to normal functionality in short order. We may experience slight delays in the interim but expect to ship all orders that have been placed. We apologize for any inconvenience this may have caused for our valued customers.”

Staples spokesperson

In a follow-up email, RestorePrivacy asked Staples to comment on the impact to customer and employee data. The Staples spokesperson had this to say:

While it is too early to make any definitive statements, we are optimistic that our quick action helped avert more serious consequences. We take seriously our responsibility to protect all of our data.

Staples spokesperson

Currently, Staples stores are open and operating normally. However, online order processing and item deliveries remain impacted. A notice posted on the main website promises a “return to full functionality in short order.”

The exact causes of this outage on the famous retail chain business remain unknown, but the details that have leaked online point to a company-wide compromise of Microsoft accounts and the company’s SSO systems. SSO is directly linked to Microsoft 365, which uses Azure AD for identity and access management services.

If there is a compromise in the SSO system connected to Microsoft 365, it could impact access to not only Microsoft 365 services but also any other applications integrated with Azure AD. Addressing such a breach would require immediate and comprehensive security measures to protect sensitive information and restore secure access for legitimate users, which matches the type of response Staples had in this case.

Further reading:

• Timing Attacks on WhatsApp, Signal, and Threema can Reveal User Location
• Office Supplies Giant Essendant Was Hit by Ransomware
• Hackers Claim Attack on General Electric, Leak Data Samples
• LINE Messenger Suffers User Data Breach Caused by Malware Attack