An unidentified source told The Globe and Mail that as many as 60,000 customers may be affected.
Walmart Canada recently shut down its Photocentre online photo processing website in response to what it described as a “potential compromise of customer credit card data.”
“Our customers’ privacy is of the utmost importance,” the companystated. “We immediately launched an investigation and will be contacting customers who may be impacted.”
While the company says it doesn’t beleive any Walmart.ca, Walmart.com or in-store purchases are affected, it does recommend that all Walmart Canada Online Photocentre customers monitor their card accounts carefully and alert their financial institution to any unauthorized charges.
“We have also notified the Office of the Privacy Commissioner of Canada and will continue to work proactively with Canada’s privacy regulators as the investigation continues,” Walmart Canada added.
Customers with questions or concerns are advised to contact (888) 763-4077.
An unidentified source told The Globe and Mail that as many as 60,000 customers could be affected.
Walmart Canada’s Photocentre website is operated by a third party service provider, PNI Digital Media, which was acquired by Staples in 2014.
In a statement provided to The Star, a Staples spokesperson said, “We take the protection of information very seriously. PNI is investigating a potential credit card data security issue.”
“If an issue is discovered, it is important to note that consumers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis,” the spokesperson added.
Staples also suffered a data breach last fall when banks identified a pattern of credit and debit card fraud indicating that several Staples locations in the northeastern U.S. had been infected with point-of-sale malware. The company later acknowledged that 115 stores were impacted, and approximately 1.16 million customer debit and credit card may have been affected.
A recent eSecurity Planet article offered advice on improving database security.