Staples has confirmed that hackers stole 1.16 million payment cards’ information.

In October of this year, we reported on the ongoing investigation by office supply retailer Staples into suspicious activity on customers’ cards. The investigation ended with a chilling revelation for Staples’ customers: A data breach has been confirmed in which hackers gained access to over 1.16 million customers’ credit and debit card information.

The company became aware of the potential problem about two months ago, when banks across the country reported they were looking into repeated cases of payment card fraud that all seemed to trace back to the use of the cards at Staples stores. The company looked into the issue and discovered that the payment card systems at 115 of its retail locations had been infected with malware that had been stealing and distributing information to hackers. The initial infection occurred sometime between July and August of this year.

To rectify the situation, Staples is offering a series of credit-related services to customers who shopped at its stores during the months when the malware was active, including free credit monitoring, credit reports and identity theft insurance. Customers who believe they may have been affected by the breach are being encouraged to consult the list of stores where malware was found and contact Staples for access to these free benefits.

These reparative measures are possible because of Staples’ status as a large, very profitable national chain, but for many small business owners, offering these services in the wake of a potential security breach is far out of financial reach. Additionally, since most small retailers lack the clout and market share of a Staples-size company, a single breach can permanently ruin their reputation. If you own a small retail business, give yourself some peace of mind this season by upgrading to a more modern, secure point of sale system.