UPS has announced that it discovered a breach of its computer systems affecting 51 UPS stores in 24 states (about 1% of its 4,470 franchised center locations throughout the United States). The company says that information of customers who made credit and debit card purchases at those stores between January 20, 2014 and August 11, 2014 may have been stolen. That may include customers’ names, postal addresses, email addresses and payment card information – not all of this information was necessarily exposed for each customer. The malware was eliminated as of August 11, 2014 and UPS says that it’s safe to shop at UPS stores.
For a list of affected stores, click here. There is much more information there as well, including how customers who used their credit or debit cards at the UPS stores in question during that time period can sign up for free identity theft services and other steps they should take to protect themselves.
If you think that you could be a victim of this data breach, be especially wary of any letters or emails you receive that look like they’re from UPS. They may be from scammers trying to trick you into providing additional personal information. UPS is NOT contacting individual customers whose data may have been stolen. The company has provided a toll-free number, 1-855-731-6016, for customers to call if they have any questions.