Skip to main content

UPS becomes latest victim of major data breach

News of another data breach barely causes a slight twitch in the average eye these days, let alone a full-on bat of the eyelid, so it's with no great surprise that we've heard about another major data spillage, this time from UPS over in the States.

UPS or the United Parcel Service couriers discovered (in conjunction with a third-party security company) that some of its UPS Store computer systems had been infected by data slurping malware following a warning about said malicious software from the US government.

The malware had managed to insinuate itself onto UPS Store systems over 51 locations (across 24 states) out of a total of 4,470 total franchise locations (1.1 per cent of locations, in other words).

The really worrying part is that the firm said that the malware had been on the go since January in some cases, so it has been active for well over half a year. UPS said that it was cleaned up and removed from all computers as of 11 August, assuring customers that there is now no danger when shopping at the UPS Store (at least not from this threat).

Read more: ICO cautions law firms over breaches

Details including names and addresses (postal and email) plus bank card information were involved, with UPS advising customers to "closely monitor their card account activity". There have been no reports of fraud as a result of this security breach, though (not yet, anyway).

In a statement, UPS said: "We apologise for any inconvenience and impact this incident may have had on our customers. The UPS Store is offering identity protection and credit monitoring services to impacted customers. In order to take advantage of this service, please visit"

Related: UK retailer Office suffers data breach