Office supply retailer Staples has become the latest firm to reveal that it is investigating a possible data breach that could leave customer payment card details at risk.
The company was jolted into confirming that it has called in law enforcement by a report from security blogger Brian Krebs which disclosed that banks have identified fraud patterns indicating that several of its outlets in the north east of the US have been hit by hackers.
The possible breach is the latest in a long line at some the biggest retailers in the US over the last year. It is nearly a year since the Target attack first came to light, since when Neiman Marcus, Home Depot and, most recently, Sears-owned Kmart have all admitted their own breaches.
The spate of attacks has given urgency to the US's adoption of EMV chip technology. On Friday Barack Obama did his part, signing an executive order mandating the use of chip and PIN at executive departments and agencies for card payments.
Meanwhile, authorities are trying to find the culprits behind the attacks. In the case of one breach, at JPMorgan Chase, the FBI and Secret Service have now ruled out a potential hacker - the Russian government.
Speculation that Moscow may have been behind the attack - which saw the personal information of more than 80 million customers stolen - bubbled up in August as tension between Russia and the US grew over the Ukraine crisis. However, authorities now think that common cybercrooks were responsible.
With cybersecurity now a huge priority for the financial services industry, the US securities trade body Sifma has set out its own recommendations on what the industry and government can do to tackle the problem.
Sifma is calling on the government to embrace its responsibility to protect the business community and to listen to the industry when developing agency guidance. Despite insisting it takes the threat seriously, the body says that the resources of firms must be considered when guidance is shaped and that it must "flexible, scalable and practical". Concerns about secrecy are also aired, with the paper insisting that information sharing is limited to "respect firms' confidences".
The US government is facing plenty of fire from hackers itself, figures from its accountability office show. Federal agencies reported 48,562 cybersecurity incidents in 2012, up 782% on 2006. The office's Watch Blog notes that 24 federal agencies had information security weaknesses in key control categories such as supply chain issues.