Giant office retail company Staples informed some of its customers of a data breach, related to their orders. The company sent a brief letter signed by its CEO Alexander ‘Sandy’ Douglas, describing the incident. The incident occurred around September 2, 2020, in included “non-sensitive customer order data”: names, addresses, email addresses, phone numbers, last four credit card digits, and details about the order (delivery, cost, product). Credential information or credit card information wasn’t exposed.
Although this breach is considered low impact, it may still cause serious damage to customers. Adversaries could use the information to launch phishing attacks.
Read more about it here.