The UPS Store, Inc. Notifies Customers Of Potential Data Compromise And Incident Resolution

SAN DIEGO, Aug. 20, 2014 (GLOBE NEWSWIRE) -- The UPS Store, Inc., among many other U.S. retailers, recentlyreceived a government bulletin regarding a broad-based malwareintrusion not identified by current anti-virus software. Uponreceiving the bulletin, The UPS Store retained an IT security firmand conducted a review of its systems and the systems of itsfranchised center locations. The UPS Store discovered malwareidentified in the bulletin on systems at 51 locations in 24 states(about 1%) of 4,470 franchised center locations throughout theUnited States.

Based on the current assessment by The UPS Store and the ITsecurity firm, certain customers' information, who used a credit ordebit card at the 51 impacted franchised center locations betweenJanuary 20, 2014 and August 11, 2014, may have been exposed. Formost locations, the period of exposure to this malware began afterMarch 26, 2014. The malware was eliminated as of August 11, 2014and customers can shop securely at all The UPS Storelocations. 

"I understand this type of incident can be disruptive and causefrustration.  I apologize for any anxiety this may have causedour customers.  At The UPS Store the trust of our customers isof utmost importance," said Tim Davis, President The UPS Store,Inc. "As soon as we became aware of the potential malwareintrusion, we deployed extensive resources to quickly address andeliminate this issue. Our customers can be assured that we haveidentified and fully contained the incident," Davissaid.  

Each franchised center location is individually-owned and runsindependent private networks that are not connected to otherfranchised center locations. The limited malware intrusion wasdiscovered at only 51 The UPS Store franchised center locations andwas not present on the computing systems of any other UPS businessentities. A list of locations is attached and is displayed at www.theupsstore.com/security.

The customer information that may have been exposed includesnames, postal addresses, email addresses and payment cardinformation. Not all of this information may have been exposed foreach customer. Based on the current assessment, The UPS Store hasno evidence of fraud arising from this incident. The UPS Store isproviding an information website, identity protection and creditmonitoring services to customers whose information may have beencompromised.

For further information and to learn about complimentaryidentity protection and credit monitoring services, visit https://theupsstore.allclearid.com.To talk with a representative of The UPS Store concerning thisissue, call 1-855-731-6016.

About The UPS Store

With more than 4,400 locations, The UPS Store networkcomprises the nation's largest franchise system of retail shipping,postal, print and business service centers. The UPSStore locations in the U.S. are independently owned andoperated by licensed franchisees of The UPS Store, Inc., asubsidiary of UPS. Services, pricing and hours of operation mayvary by location. For additional information on The UPSStore, visit  www.theupsstore.com.

#  #  #

A file accompanying this release is available at: http://media.globenewswire.com/cache/30428/file/28350.pdf
CONTACT: Chelsea Lee         The UPS Store         858-455-8982         chelsealee@upsstore.com

UPS Logo