In a recent announcement, UPS warned its customers that a computer breach might have exposed their personal as well as payment data at multiple locations across the United States. The number of clients affected by the security leak is yet unknown, but all the people who used credit or debit cards at the locations affected are at risk.
United Parcel Service, Inc. (UPS) is the biggest package shipping company in the world, with over 15 million packages delivered on a daily basis. The malware which triggered the customer data leak was found at 51 locations across 21 states impacting somewhere around 105,000 transactions. The time interval for this security breach seems to be rather extensive, spanning between Jan 20 (26 March for most locations) and the 11th of August this year.
The courier company announced that the malware vulnerability has been annihilated at every location and that all those affected can benefit from identity protection and credit monitoring for free during the following year. What seems to have been the saving grace for UPS was their infrastructure. Each store runs as an individual entity operating on private networks that are not connected to other locations, and this might have been an important factor in limiting the malware's area of exposure.
This attack on UPS is the latest in a series of recent hacker incursions. Other major names like Community Health Systems Inc (hospital operator) or Supervalu Inc. (supermarket chain) recently had to confront similar problems.