Staples confirmed on Friday that suspicious cyber activity, first spotted in September, was most likely a malware attack that may have breached 1.16 million credit cards. A preliminary investigation found evidence of malware installed in the point-of-sales systems at 115 locations. The malware may have given hackers access to cardholder names, credit card numbers and verification codes.