UPS Discloses Breach at 51 Stores

United Parcel Service driver Marty Thompson starts his truck up after making a delivery in Cumming, Ga.

United Parcel Service driver Marty Thompson starts his truck up after making a delivery in Cumming, Ga. David Goldman/AP

Featured eBooks
AI in the Workplace
Read Now

CX in Action

Read Now

Next Steps for CMMC

Read Now
By Nextgov/FCW Staff

By Nextgov/FCW Staff

|

The Department of Homeland Security said a type of malicious software known as 'Backoff' is likely to blame.

UPS came forward relatively quickly about a payment system hack that was discovered after the retailer received a sectorwide, government-issued alert about a specific form of antivirus-proof infection.

UPS proactively hired a cybersecurity firm to inspect all store systems “upon receiving the bulletin,” company officials said in a statement.

The malicious software in play is believed to be Backoff, a “point-of-sale” infection that scrapes system memory for payment card data and logs keystrokes, according to a July 31 Department of Homeland Security bulletin that was updated Aug. 18.

Customer data that might have been compromised includes names, postal addresses, email addresses and payment card information.

Read the rest at ThreatWatchNextgov’s regularly updated index of cyber breaches.

And find out even more on “NG Cybersecurity,” our new iPhone app. 

NEXT STORY: CDM enters stage two: Critical applications