- CyberCrime Center
August 27, 2014
UPS Data Breach at 51 of its 4,400 Stores May Have Compromised 105,000 Customer Transactions
Notice that we said 105,000 customer transactions and not 105,000 customers? Well, that’s because while UPS knew the number of transactions, it had no idea how many customers were involved. The reason for that was the company didn’t have all cardholder data, a hassle for UPS customers who have been forced to check the UPS Store Inc.’s website to see if they shopped at an “infected” outlet. Stolen was information that included names, postal addresses, email addresses and credit- or debit-card data.
In her article on online.wsj.com (link to article), Laura Stevens says that the data breach hit UPS stores between January and August in 24 states including California, Florida, Texas and New York. The affected stores were all individually owned franchises using independent private networks.
UPS said the breach had been fixed and there was no evidence of fraud as a result of it. And, the company has set up an information website and will offer identity-protection and credit-monitoring services to any customers who have been affected.
Stevens observed that “UPS said it recently received a notification from the government alerting it to the malware, which it said wasn’t detectable by then-current antivirus software. UPS then hired a security firm to review its systems, prompting the discovery.”
ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.
Posted by Dan Rampe
Tags: Account Takeover, Account Takeover Fraud, Bank Fraud, Botnets, Building Trust on the Internet, CNP fraud, Context-Based Authentication, Cookieless Device Identification, Cookies, Credit Card Fraud, Cyber attacks, Data Breach, Device Detection, Device Fingerprint, Device Fingerprinting, Device ID, Device Identification, Fraud Prevention, Hacking, Identity Spoofing, Identity theft, Malware, Malware Detection, Malware Protection, Man-in-the-Browser Detection, MitB, Mobile fraud, Online Fraud, Phishing, Phishing Detection, PII, ThreatMetrix, ThreatMetrix Cybercrime Index, ThreatMetrix Global Trust Intelligence Network, ThreatMetrix Web Fraud Map, Trust Tags, TrustDefender Cybercrime Protection Platform, Web Fraud