Good grief, the hacks just don't stop. Now office-supply store Staples believes that it suffered an attack that compromised some 1.16 million payment cards. Between August 10th and September 16th this year, 115 stores were afflicted by malware that "may have" grabbed cardholder names and payment information, and two stores possibly fell victim from July 20th to September 16th this year as well. The retailer isn't fully owning up to the attacks just yet, but it's offering a mea culpa all the same: free identity protection, credit reports and a host of other security services to anyone who used a card at the affected stores (PDF). And even though four Manhattan locations had reports of fraudulent payment use from this April to September without any malware or suspicious activity taking place, the outfit is extending the aforementioned benefits to customers of those stores as well.