HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 4 MINUTES AGO.
You are here: Home / Network Security / UPS Stores Hit by Data Breach
Build Apps 5x Faster
For Half the Cost Enterprise Cloud Computing
On Force.com
UPS Stores in 24 States Hit by Data Breach
UPS Stores in 24 States Hit by Data Breach
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
AUGUST
21
2014
Big Brown has been breached. United Parcel Service (UPS) on Wednesday announced that about 105,000 customer transactions at 51 of its UPS Store locations in 24 states could have been compromised between January and August.

UPS discovered the breach in response to a government bulletin warning of a broad-based malware intrusion that traditional anti-virus software programs weren’t catching. UPS hired an IT security firm to review its systems -- and systems at its franchisees -- and discovered the breach. UPS eliminated the malware on August 11 and has posted details about which stores were affected.

The list of stores includes between one and four locations in each of the following states: Arizona, California, Colorado, Connecticut, Florida, Georgia, Idaho, Illinois, Louisiana, Maryland, Nebraska, Nevada, New Jersey, New York, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Dakota, Tennessee, Texas, Virginia, and Washington.

"I understand this type of incident can be disruptive and cause frustration. I apologize for any anxiety this may have caused our customers," said Tim Davis, president, The UPS Store. "As soon as we became aware of the potential malware intrusion, we deployed extensive resources to quickly address and eliminate this issue. Our customers can be assured that we have identified and fully contained the incident.”

Dissecting the Malware

We caught up with Aviv Raff, CTO and chief researcher at advanced threat protection firm Seculert, to get his thoughts on the UPS breach. He told us this is another example -- just like the recent Community Health Systems breach that gave hackers access to 4.5 million patient records -- of how persistent attackers were able to successfully plant their attack tools.

“Enterprises are now coming to a conclusion that they are either already compromised, or will soon be,” Raff said. “It's not a matter of ‘if,’ it's a matter of ‘when.'”

Raff pointed out that UPS basically admitted that the attackers were in its systems, undetected, for four to eight months. That, he said, shows how necessary it is for enterprises to start using security tools that are able to detect attacks not just in real time but, more importantly, over time by analyzing historical and ongoing traffic logs.

We also turned to Tim Erlin, director of IT security and risk strategy at security firm Tripwire, to get his take on the latest breach. He told us the presence of malware on point-of-sale systems and infrastructure is a clear and present threat for any retail establishment. (continued...)

1  2  Next Page >

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.