Office supply retail superstore Staples on Friday confirmed some of its IT systems had to be taken offline after a “cybersecurity risk” was identified and partially contained.
The incident, which experts believe is a data-extortion ransomware attack, caused temporary disruption to the staples.com processing and delivering capabilities and the company’s communications channels and customer service lines.
The Framingham, Mass. company, which runs a chain of stores throughout the U.S., posted a brief note to its home page acknowledging the incident:
“Staples recently identified a cybersecurity risk. We took proactive steps in an effort to mitigate the impact and protect customer data. Our prompt efforts caused temporary disruption to the staples.com processing and delivering capabilities, as well as to our communications channels and customer service lines.
We apologize for the inconvenience, and rest assured, all of our systems are in the process of being restored. We expect to return to full functionality in short order. Staples stores are open and operating normally.”
Details of the incident remain scarce but security experts say it has all the hallmarks of a company scrambling to reduce the fallout from a cyberattack from a professional ransomware gang.
Related: Ransomware Gang Takes Credit for Disruptive MGM Resorts Cyberattack
Related: Yellen Says Ransomware Attack Minimally Disrupted Treasury Market Trades
Related: MGM Resorts Confirms ‘Cybersecurity Issue’, Shuts Down Systems
Related: Windows Zero-Day Exploited in Nokoyawa Ransomware Attacks
Source: securityweek.com