In yet another revelation of retail hacking, the United Parcel Service (UPS) has confirmed that their system was exploited to gain customer information. There's bad news and there's good news in this situation.
The bad news is that if you visited one of the compromised stores between January 20 and August 11 of 2014, your credit card information may have been compromised.
The good news is that the exploitation only occurred to 51 UPS stores across the United States. This is barely over 1% of their total stores in the U.S., so it's not nearly as bad as it could have been.
UPS is offering an apology to customers, as well as a guarantee.
The UPS Store takes seriously its responsibility to protect customer information and immediately launched an internal review, implemented system enhancements and engaged an IT security firm.
An assessment by The UPS Store and the IT security firm revealed the presence of this malware on computer systems at 51 locations in 24 states (about 1%) of 4,470 franchised center locations throughout the United States. Based on the current assessment, the earliest evidence of the presence of this malware at any location is January 20, 2014. For most The UPS Store locations, based on our current assessment, the period of exposure to this malware began after March 26, 2014. This malware was eliminated as of August 11, 2014 and customers can shop securely at The UPS Store.
We apologize for any inconvenience and impact this incident may have had on our customers. The UPS Store is offering identity protection and credit monitoring services to impacted customers.
You can see the list of stores and review the credit monitoring service offered by UPS by clicking here.