A computer virus may have targeted 51 “The UPS Store” locations in 24 different states, resulting in the exposure of credit and debit card information of consumers all over the nation.
According to UPS spokeswoman Chelsea Lee, the compromised information includes names, card numbers as well as postal and email addresses from at least 100,000 transactions taking place between Jan. 20 and Aug. 11 of this year. UPS is unaware of any fraudulent activity having occurred due to the attack, Lee said.
A bulletin from the Department of Homeland Security brought the suspected malware to the attention of U.S. retailers, including UPS, on July 31. Current anti-virus software has yet to identify this malware.
In order to learn more about the cyber-attack and prevent any further damage, UPS hired a security firm to investigate the breach at its stores. The firm discovered that the breach only occurred at 1 percent of 4,470 franchised locations. At many of the affected stores, the intrusion did not start until March or April.
The customers affected by the data breach will be provided both identity protection and credit monitoring by UPS to help deter fraud.
Stores affected by the data breach were located in the following states: Arizona, California, Colorado, Connecticut, Florida, Georgia, Idaho, Illinois, Louisiana, Maryland, Nebraska, Nevada, New Jersey, New York, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Dakota, Tennessee, Virginia and Washington.
Fortunately, UPS’s data breach was not on the scale as many other data breaches that have happened in recent years, such as Target’s holiday data breach that compromised the financial information of millions of its customers. Since that event, Target has seen many losses attributed to the data breach, including the $235 million spent related to the breach only partly offset by $90 million in insurance payments.
Spokeswoman Lee said she does not believe the UPS data breach will have any material financial impact on the shipping company.
For a detailed list on The UPS Stores affected by the malware, visit www.theupsstore.com/security.