Because many of us shop at Staples, you may want to check to see if the store you shop at was affected. 115 stores in the US were hit.

Here's a link to Staples press release - http://staples.newshq.businesswire.com/statement. You'll find a link to the list of stores in the release.

I also posted it on my blog - http://www.travelingwellforless.com/...s-data-breach/

I never get why these hacks get so much press. Who cares? All major card companies have policies that make card users non-liable for fraudulent charges. Even if they did not, we are protected under federal law.

Many of us use business cards at staples that do not offer the same customer protections as personal cards

+1
Not worried one bit about it.

A little bit of worry is always healthy.

AMEX caught fraudulent use on my Amex Plat, which is weird b/c I've only been using that card for Amex Serve offers--including staples.

Then about 10 days later, Citi called me to tell me that someone was trying to gain access to my account by telephone. I used that card on the $20 staples GC after buying VGCs at staples deal.

It's impossible to know for sure, but my store was hacked and the time frame is right. The last time I had a compromised card was 6 yrs ago. Yes, I got new cards and the fraudulent charges refunded, but it's still a hassle.

Definitely a hassle, no question about it. I meant as in not being liable for any fraudulent charges.

I tend to agree (I think that people make way too big of a deal out of it for regular CCs) but what if you're swiping a large GC? I like a $3k AGC... those have little to no fraud protection, it seems. They specifically say that if your card is lost or stolen they won't refund anything that was charged before you report it to them. Not sure what they do if the info (not the physical card) was stolen through a hack.

I've had this happen to me in the past with regular CCs so keeping large balances on AGCs always makes me nervous.

+1

You're liable for fraudulent charges on a biz card?

You may not be liable for those from the issuer's side, but if you are unlucky enough that the stolen info was used to clone a card that was used for recurring charges, you might have a hell of a time to get this clean up, not from the bank, but from the merchant where the cloned card was used for recurring charge - you could be subject to collection until you went the length to file a police report of the card breach.

A friend's card info was stolen last year. The cloned card was used to pay TIVO subscription among other fraudulent charges. Of course the bank took care of the fraudulent charges and replacement card was issued. BUT TIVO ignored the report that the card they had in file for paying subscription was a stolen card, and the account when not paid (as the cloned card was canceled) was sent to collection - guess who was harassed by the collection agency? My unlucky friend was getting threatening calls for 3 months no matter how many times he tried to get TIVO to understand what had happened. It finally took a police report to stop all this ordeal.

Exactly. Zero liability policies do not render these attacks harmless they simply are a form of insurance. It is still much better they don't happen in the first place.

I also think most Americans do not watch their CC bills as closely as your average flyertalker. If we see a charge on a card we never use, we're going to notice (since it should be at $0), and if we see a charge on the card we're currently meeting the spend for, we're going to notice (as we're watching for when we meet the minimum).


The average American is going to glance at their bill at most, so it's helpful to know they should be watching more closely for a little while.

Once you've had your magstripe cloned, you look!

I look for things that I don't recognize, but I don't check receipts or anything. So if my card had a reasonable-sized charge somewhere that I go a lot, I probably wouldn't notice. Also if I was overcharged (ie, if they increased a tip or something) I probably also wouldn't notice.