UPS Says 51 Retail Stores Including One In Sapulpa Breached By Malware

Some customers of The UPS Store may have had their credit and debit card information exposed by a computer virus found on systems at 51 stores in 24 states including Oklahoma.

UPS says the Oklahoma store is at 1006 West Taft In Sapulpa.

A spokeswoman for UPS says the information includes names, card numbers and postal and email addresses from about 100,000 transactions between January 20 and August 11, 2014.

The company apologized to customers and is offering identity theft protection and credit monitoring services to customers.

United Parcel Service said Wednesday that it was among U.S. retailers who got a Department of Homeland Security bulletin about the malware on July 31. The malware is not identified by current anti-virus software.

Read UPS news release

The company is not aware of any fraud related to the attack, spokeswoman Chelsea Lee said.

Atlanta-based UPS said it hired a security firm that found the virus in systems at about 1 percent of the company's 4,470 franchised locations. At many stores, the intrusion did not begin until March or April.

Lee said that the problem was fixed by August 11 and the company took additional steps to protect systems at other stores.

She said the affected stores were not linked electronically, and UPS is still investigating how they were compromised.

From the company's description, the breach appeared far smaller than one that hit Target during the holiday-shopping season, when hackers stole credit and debit card information involving millions of customers. Fallout from the incident is still hurting profits. Target, which said Wednesday that second-quarter profit fell 62 percent, has spent $235 million related to the breach, partly offset by $90 million in insurance payments.