UPS announced yesterday, August 20th, that a security breach may have led to customer's credit and debit card information being stolen at 51 franchises across the United States.
Through an investigation beginning July 31st, it was discovered that malware was installed on in-store cash registers at 51 locations across 24 states, which accounts for roughly 1 percent of UPS's 4,470 franchises. In a public statement yesterday, UPS stated that customers who used their debit or credit cards at the affected locations from January 20 to August 11th may have been exposed to the malware, although most exposure began after March 26.
BBB serving San Diego, Orange and Imperial counties recommends consumers who may be affected by this security breach to take the following actions:
Change your passwords quickly: Even if you have the slightest suspicion (or have purchased a product or service at one of the locations mentioned in the link above) please change your credit and debit card account passwords. When creating a new password, it is important they are at least 10 characters long and contain a mix of upper and lowercase letters, numbers an symbols.
Cross check receipts and charges: Always keep your receipts from charges on your credit and debit cards. It's important to cross check what you were billed at time of purchase against the charge actually made on your card.
Never provide financial or other confidential information via phone or email: Don't click on links or provide financial/personal information in light of a phone call or email. After a breach such as this, scammers abound with phishing emails and cold calls trying to collect additional information from unsuspecting customers looking for help from their banking institution.
UPS is offering one year of free identity protection and credit monitoring services to any customer who had used a credit or debit card at any of the affected store locations.