IE 11 is not supported. For an optimal experience visit our site on another browser.

UPS Stores In 24 States Hacked, Private Customer Data Possibly Exposed

The shipping giant's retail franchise was hit by a malware attack, potentially jeopardizing customer's identifying and financial information. Here's what you need to know.
/ Source:

What can brown do for you? Possibly put your name, home address, email address and payment card details into the hands of hackers, not unlike a slew of other major retailers to fall victim to cyber criminals in recent days.

The Atlanta-based shipping giant’s The UPS Store chain revealed yesterday that 51 franchise locations in 24 states were slammed with a malware attack, likely between Jan. 20 and Aug. 11 of this year. That’s about 1 percent of its 4,470 U.S. stores. The computing systems of other United Parcel Service (UPS) business entity systems were not affected.

The UPS Store is the latest victim in a string of sophisticated payment system hacks targeting major retail chains. Others similarly hacked include Target, Neiman Marcus, Michaels, Goodwill, and, most recently, Albertson’s and SuperValu.

Related: Protect Yourself: Turn On This Security Feature in Your Mobile Banking App

Most impacted UPS Store locations were exposed to the malicious software after March 26. If you used your debit or credit card at any of the breached stores when their systems were compromised, UPS says your information “may have been exposed.” However, company spokesperson Chelsea Lee said in a statement that UPS isn’t yet aware of any reports of fraud as a result of the intrusion, which current anti-virus software can't sniff out.

"Please know we take our responsibility to protect customer information seriously and have committed extensive resources to addressing this incident,” Tim Davis, president of The UPS Store, said in a lenghty letter to customers. “We understand this type of incident can be disruptive and apologize for any anxiety this may have caused.”

An IT security firm UPS contracted with -- after receiving a July 31 warning about the malware from the Department of Homeland Security (DHS) -- uncovered the computer virus during a sweep of the company’s systems.

Related: P.F. Chang's Says Credit-Card Breach Affected 33 Restaurants

UPS says it’s continuing to investigate. Meanwhile, it isn’t contacting potentially affected customers directly, but has created a website to address customer concerns.

The company is also encouraging anyone who shopped at affected UPS Stores during the breach to be on the lookout for suspicious debit and credit card account activity. It will also furnish complimentary credit monitoring services and identity fraud protection to customers whose information might have been jeopardized.

Related: Cyber Insurance: The Next Big Thing for Businesses

The stores that were hit with the malware are located in: Arizona, California, Colorado, Connecticut, Florida, Georgia, Idaho, Illinois, Louisiana, Maryland, Nebraska, Nevada, New Jersey, New York, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Dakota, Tennessee, Texas, Virginia and Washington.

Here is a full list of impacted locations, malware intrusion detection dates and addresses included.

Related: John McAfee: You Should Care That Your Privacy Is Disappearing