UPS latest to be hit by data breach

UPS, the world’s largest package shipping company has confirmed that it has become the latest victim of hackers, reporting a data breach that may have put customer details at risk.

The company said on Wednesday that it is investigating the security breach at 51 UPS franchises across the US, which may have led to the theft of customer debit and credit card information.

In a statement, the company said that, along with a number of other US retailers, it had been alerted via government bulletin of a possible malware intrusion. The company then retained an IT security firm to conduct a systems review, which subsequently identified the malware in question at 51 locations in 24 states, constituting about 1% of 4,470 franchised centre locations throughout the United States. Around 105,000 transactions were affected, although the company can’t yet verify how many customers, according to Chelsea Lee, a UPS Store spokeswoman.

The intrusion poses a risk to UPS Store customers who paid via debit or credit card at an affected location between 20th January and 11th August. For most locations, the period of exposure to this malware began after March 26, 2014. The malware was eliminated as of August 11, 2014 and customers can now shop securely at all The UPS Store locations.

Tim Davis, President The UPS Store, Inc., said in a statement: “I understand this type of incident can be disruptive and cause frustration. I apologize for any anxiety this may have caused our customers. At The UPS Store the trust of our customers is of utmost importance.As soon as we became aware of the potential malware intrusion, we deployed extensive resources to quickly address and eliminate this issue. Our customers can be assured that we have identified and fully contained the incident.”

Related reading

Leave a comment