The UPS Store is the latest retail chain to be targeted in a data breach leading to the theft of customers' credit card information.
The shipping and business services store announced Wednesday that 51 US stores in 24 states had been hacked via a malware intrusion on the store's computer systems. The breach affected about 1 percent of all UPS Stores.
The company has determined that customers who used a credit or debit card at these stores between January 20, 2014, and August 11, 2014, could have been exposed to the breach. Private customer information that may have been leaked includes names, postal addresses, email addresses, and credit and debit card data.
"I understand this type of incident can be disruptive and cause frustration. I apologize for any anxiety this may have caused our customers. At The UPS Store the trust of our customers is of utmost importance," The UPS Store president Tim Davis said in a statement. "As soon as we became aware of the potential malware intrusion, we deployed extensive resources to quickly address and eliminate this issue. Our customers can be assured that we have identified and fully contained the incident."
The company became aware of the breach after the US government notified the chain it had discovered a "broad-based malware intrusion" in its system. The UPS Store hired an IT security firm to investigate further. This firm then located the malware in the 51 stores' systems.
The hack into The UPS Store comes amid an apparent uptick in security breaches at retail locations. Retail giant Target revealed in December that hackers obtained credit card data for more than 110 million customers who shopped in its stores late last year. And, over the past few months, arts and crafts retail chain Michaels Stores, department store Neiman Marcus, and restaurant chain P.F. Chang's revealed they were victims of security breaches aimed at stealing customer's credit card information.
The UPS Store said it eliminated the malware as of August 11 and has notified potentially affected customers of the breach. The company is offering identity protection and credit monitoring services to those customers.