United Parcel Service announced today that it has discovered a computer breach in 51 of its stores. The company said the breach escaped detection at stores in 24 states. That is only about 1% UPS store locations. A list of the stores can be found here. According to UPS the malware attack occurred sometime around March 26, and the malware was eliminated by August 11.
UPS Stores are individually franchised and each runs a separate computer system. Because the systems were not connected it may have helped limit the extent of the attack. UPS stated the malware was not found at any of its other businesses.
Although UPS admits that customer names, postal addresses, email addresses and payment card information were compromised no fraud has been detected that can be attributed to the breach.
UPS Store President Tim Davis apologized for the theft and any problems it may have caused customers. Davis said the company had deployed “extensive resources to quickly address and eliminate this issue.”
For more information please see
Data Breach at UPS Store in 24 States including Pennsylvania