UPS says 51 retail stores breached by malware

August 20, 2014 by David Koenig

Some customers of The UPS Store may have had their credit and debit card information exposed by a computer virus found on systems at 51 stores in 24 states.

A spokeswoman for UPS says the information includes names, card numbers and postal and email addresses from about 100,000 transactions between Jan. 20 and Aug. 11.

United Parcel Service Inc. said Wednesday that it was among U.S. retailers who got a Department of Homeland Security bulletin about the malware on July 31. The malware is not identified by current anti-virus software.

The company is not aware of any fraud related to the attack, spokeswoman Chelsea Lee said.

Atlanta-based UPS said it hired a security firm that found the virus in systems at about 1 percent of the company's 4,470 franchised locations. At many stores, the intrusion did not begin until March or April.

Lee said that the problem was fixed by Aug. 11 and the company took additional steps to protect systems at other stores. She said the affected stores were not linked electronically, and UPS is still investigating how they were compromised.

UPS said it is providing identity protection and credit monitoring help to affected customers.

The affected stores were in Arizona, California, Colorado, Connecticut, Florida, Georgia, Idaho, Illinois, Louisiana, Maryland, Nebraska, Nevada, New Jersey, New York, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Dakota, Tennessee, Texas, Virginia and Washington.

From the company's description, the breach appeared far smaller than one that hit Target Corp. during the holiday-shopping season, when hackers stole credit and debit card information involving millions of customers. Fallout from the incident is still hurting profits. Target, which said Wednesday that second-quarter profit fell 62 percent, has spent $235 million related to the breach, partly offset by $90 million in insurance payments.

The UPS breach won't have a material financial impact on the company, Lee said.

Last week, Supervalu said that hackers might have stolen names, account numbers, expiration dates and other information from card holders who shopped at up to 200 of its grocery and liquor stores. Restaurant operator P.F. Chang's, Goodwill thrift stores and other retailers have been hit by data breaches.

Explore further: Community Health details attack on patient records

More information: A list of the 51 locations of The UPS Store where malware was discovered is at www.theupsstore.com/security

Related Stories

US warns retailers on data-stealing malware

July 31, 2014

US government cybersecurity watchdogs warned retailers Thursday about malware being circulated that allows hackers to get into computer networks and steal customer data.

Recommended for you

A not-quite-random walk demystifies the algorithm

December 15, 2017

The algorithm is having a cultural moment. Originally a math and computer science term, algorithms are now used to account for everything from military drone strikes and financial market forecasts to Google search results.

FCC votes along party lines to end 'net neutrality' (Update)

December 14, 2017

The Federal Communications Commission repealed the Obama-era "net neutrality" rules Thursday, giving internet service providers like Verizon, Comcast and AT&T a free hand to slow or block websites and apps as they see fit ...

US faces moment of truth on 'net neutrality'

December 14, 2017

The acrimonious battle over "net neutrality" in America comes to a head Thursday with a US agency set to vote to roll back rules enacted two years earlier aimed at preventing a "two-speed" internet.

The wet road to fast and stable batteries

December 14, 2017

An international team of scientists—including several researchers from the U.S. Department of Energy's (DOE) Argonne National Laboratory—has discovered an anode battery material with superfast charging and stable operation ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.