U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Cyber Crime

Hackers have stolen credit card data from 51 UPS stores in the US

Hackers have compromised with a malware the system at 51 UPS Stores across the United States, customers’ credit card data may have been exposed. UPS is the last clamorous victim of a gang of cybercriminals from Eastern Europe, the bad actors behind the cyber attack has compromised 51 UPS Stores across the United States. The investigators […]

Hackers have stolen credit card data from 51 UPS stores in the US

Hackers have compromised with a malware the system at 51 UPS Stores across the United States, customers’ credit card data may have been exposed.

UPS is the last clamorous victim of a gang of cybercriminals from Eastern Europe, the bad actors behind the cyber attack has compromised 51 UPS Stores across the United States. The investigators speculated that the gang is the same that the last year has stolen credit/debit card data in the clamorous data breaches of Target, Neiman Marcus, P.F. Chang’s and other retailers

UPS personnel have discovered that systems at 51 out of its 4,470 stores were infected by a malware, the malicious code was spread through a government bulletin alerting various retailers of potential attacks on their systems by cyber criminals.

Here’s the list of affected locations, published by the company.

ups hacked 2

UPS customers who have used their debit/credit cards at UPS Stores between Jan. 20th, 2014 and Aug. 11th this year may be victim of the data breach. UPS company has published an official statement on Wednesday to warn its customers.

“Based on the current assessment by The UPS Store and the IT security firm, certain customers’ information, who used a credit or debit card at the 51 impacted franchised center locations between January 20, 2014 and August 11, 2014, may have been exposed. For some center locations, the period of exposure to this malware began after January 20, 2014. The malware was eliminated as of August 11, 2014 and customers can shop securely at all The UPS Store locations.” wrote UPS Stores spokesperson Chelsea Lee in the statement.

The UPS representative added that customer information that may have been exposed includes names, email addresses, postal addresses and of course payment card data.

In time I’m writing the UPS company hasn’t provided information on extension of the data breach, but it clarified that for now it has “no evidence of fraud arising from this incident.”

The situation seems to be under control now, as explained by UPS in the statement the malware has been removed by the infected systems on Aug. 11, customers affected will receive one year of free identity protection and credit monitoring services.

Pierluigi Paganini

(Security Affairs – UPS, data breach)