BY DAMON POETER AUGUST 21, 2014
The UPS subsidiary was hit with a malware-based intrusion impacting 51 franchises between Jan. 20 and Aug. 11.
The UPS Store, a subsidiary of UPS, was hit with a malware-based system intrusion impacting 51 franchise locations in 24 states between Jan. 20 and Aug. 11, the company said this week.
Customer data, including credit card and debit card information, may have been exposed at the impacted locations during the varying periods the malware resided on the computer systems at those franchises, according to a UPS Store notification to potentially affected customers.
Other customer information that was potentially exposed to bad actors included names, postal addresses, and email addresses, according to the UPS Store. The company said that "[b]ased on the current assessment, The UPS Store has no evidence of fraud arising from this incident."
The company said it hired an outside, unnamed IT security firm to investigate the breach and purge the systems at affected stores of the malware, which the UPS Store first learned about from a U.S. government bulletin.
"I understand this type of incident can be disruptive and cause frustration. I apologize for any anxiety this may have caused our customers," UPS Store president Tim Davis said in a statement. "At The UPS Store the trust of our customers is of utmost importance. As soon as we became aware of the potential malware intrusion, we deployed extensive resources to quickly address and eliminate this issue. Our customers can be assured that we have identified and fully contained the incident."
A full list of affected UPS Store locations with the dates each store was afflicted with the malware can be found here.
The majority of stores became infected after March 26, according to the UPS Store and its IT security contractor, though the computer systems of some locations were exposed to the malware as early as Jan. 26. All affected locations listed as exposed by the UPS Store were clear of the malware as of Aug. 11, the company said.
UPS Store customers who are concerned that their sensitive information may have been compromised can visit theupsstore.allclearid.com or call 1-855-731-6016 to speak to a customer representative.
Damon Poeter got his start in journalism working for the English-language daily newspaper The Nation in Bangkok, Thailand. He covered everything from local news to sports and entertainment before settling on technology in the mid-2000s.
No comments:
Post a Comment