"Staples is in the process of investigating a potential issue involving credit card data and has contacted law enforcement," said Mark Cautela, spokesman for the 1,800 store chain.
"We take the protection of customer information very seriously, and are working to resolve the situation."
On Monday the computer security website Krebs on Security reported receiving information that a number of banks on the US east coast have seen a surge in credit and debit card fraud with cards linked to Staples stores in the northeast.
"It appears likely that fraudsters have succeeded in stealing customer card data from some subset of Staples locations, including seven Staples stores in Pennsylvania, at least three in New York City, and another in New Jersey," the website said.
If verified, it would make Staples just the latest in a list of companies, including some of the country's largest banks, to lose customer data to hackers.
JPMorgan Chase, Home Depot and Target have reported significant intrusions by still-unidentified online thieves, forcing the companies to take costly actions to shore up protection and compensate customers affected by the data loss.
Cautela said that Staples customers would not be responsible for any fraudulent activity on their credit cards arising from the breach.
Catch the latest from the Consumer Electronics Show on Gadgets 360, at our CES 2026 hub.