US-headquartered delivery service UPS has had data from over 100,000 transactions breached at 51 franchise outlets over eight months until August, the company has revealed.

UPS launched an investigation on advice from the US Department for Homeland Security in early August that a broad-based malware intrusion was being used to target retailers.

The attack could have exposed credit and debit card details, names, addresses and email addresses of customers who shopped across 51 branches between 20 January and 11 August 2014. UPS has 4,470 franchised stores running on independent private networks.

"Our customers can be assured that we have identified and fully contained the incident," said Tim Davis, president of the UPS Store subsidiary.

Davis claims that UPS acted fast upon being alerted to the malware. The UPS Store is offering complimentary identity protection services to affected customers for a period of 12 months.

The ‘Back off’ malware has affected over 600 businesses, according to cyber security company Trustwave, who worked on the breach investigation.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The news broke on the day retailer Target downgraded its full year profit outlook, attributing this in part to damaged consumer
confidence after its own data breach at the end of 2013.

Target’s breach was the largest known theft of customer data and led to the resignation of its chief executive.

A study by Discover Financial Services’ Pulse ATM network in 2014 found that around 10% of all US debit cards were affected in the Target breach and almost 86% of financial institutions who took part in the research said they planned to issue EMV cards as a result.
In 2013, nearly 14% of all US debit cards were exposed in data breaches, compared to 5% in 2012, the study found.