TMCnet News

The UPS Store, Inc. Notifies Customers of Potential Data Compromise and Incident Resolution
[August 22, 2014]

The UPS Store, Inc. Notifies Customers of Potential Data Compromise and Incident Resolution


(ENP Newswire Via Acquire Media NewsEdge) ENP Newswire - 22 August 2014 Release date- 21082014 - The UPS Store, Inc., among many other U.S. retailers, recently received a government bulletin regarding a broad-based malware intrusion not identified by current anti-virus software.



Upon receiving the bulletin, The UPS Store retained an IT security firm and conducted a review of its systems and the systems of its franchised center locations. The UPS Store discovered malware identified in the bulletin on systems at 51 locations in 24 states (about 1%) of 4,470 franchised center locations throughout the United States.

Based on the current assessment by The UPS Store and the IT security firm, certain customers' information, who used a credit or debit card at the 51 impacted franchised center locations between January 20, 2014 and August 11, 2014, may have been exposed. For most locations, the period of exposure to this malware began after March 26, 2014. The malware was eliminated as of August 11, 2014 and customers can shop securely at all The UPS Store locations.


'I understand this type of incident can be disruptive and cause frustration. I apologize for any anxiety this may have caused our customers. At The UPS Store the trust of our customers is of utmost importance,' said Tim Davis, President The UPS Store, Inc. 'As soon as we became aware of the potential malware intrusion, we deployed extensive resources to quickly address and eliminate this issue. Our customers can be assured that we have identified and fully contained the incident,' Davis said.

Each franchised center location is individually-owned and runs independent private networks that are not connected to other franchised center locations. The limited malware intrusion was discovered at only 51 The UPS Store franchised center locations and was not present on the computing systems of any other UPS business entities.

The customer information that may have been exposed includes names, postal addresses, email addresses and payment card information. Not all of this information may have been exposed for each customer. Based on the current assessment, The UPS Store has no evidence of fraud arising from this incident. The UPS Store is providing an information website, identity protection and credit monitoring services to customers whose information may have been compromised.

About The UPS Store With more than 4,400 locations, The UPS Store network comprises the nation's largest franchise system of retail shipping, postal, print and business service centers. The UPS Store locations in the U.S. are independently owned and operated by licensed franchisees of The UPS Store, Inc., a subsidiary of UPS. Services, pricing and hours of operation may vary by location.

Contact: Chelsea Lee Tel: 858-455-8982 (c) 2014 Electronic News Publishing -

[ Back To TMCnet.com's Homepage ]