Experts On UPS Reveals Phishing Attack Might Have Exposed Customer Information

The United Parcel Service (UPS) revealed that a phishing incident might have exposed the information of some of its customers. In its “Notice of Data Breach” letter, UPS disclosed that an unauthorised person had used a phishing attack to gain access to store email accounts at some of its store locations between September 29, 2019 and January 13, 2020.

UPS did not specify in the letter precisely how many stores were involved, only saying that a “small percentage” were hit by the criminal act, which took place between approximately Sept. 29, 2019 and Jan. 13, 2020. However, Robinson clarified that the breach affected about 100 stores, less than two percent of The UPS Store’s U.S. locations.

The company said that since discovering the breach, it hired a third-party cyber firm to conduct an investigation, and it “has taken steps to further strengthen and enhance the security of systems in The UPS Store, Inc. network, including updating administrative and technical safeguards.”


EXPERTS COMMENTS
Javvad Malik, Security Awareness Advocate,  KnowBe4
January 24, 2020
The incident increasingly demonstrates the impact on companies and their customers.
It's good to see UPS informing their customers as soon as they discovered the breach and outlining the steps they've taken. The incident increasingly demonstrates the impact on companies and their customers that can arise from even the most basic of phishing attacks. There should be no reason in today's age that any company does not take steps to deliver security awareness and training to all thei ....
[Read More >>]
Javvad Malik, Security Awareness Advocate,  KnowBe4
January 24, 2020
The incident increasingly demonstrates the impact on companies.
It's good to see UPS informing their customers as soon as they discovered the breach and outlining the steps they've taken. The incident increasingly demonstrates the impact on companies and their customers that can arise from even the most basic of phishing attacks. There should be no reason in today's age that any company does not take steps to deliver security awareness and training to all thei ....
[Read More >>]
Peter Draper, Technical Director, EMEA,  Gurucul
January 23, 2020
Providing protection against credential misuse by deploying MFA/Advanced authentication is one of the primary protections.
Here we have another example of the most common issue facing companies today - phishing attacks that allow bad actors to breach corporate systems. It is clear that phishing is never going to be eradicated so companies need to do all they can to protect against it. The challenge is there are many ways that bad actors breach systems using phishing. Providing protection against credential misuse by d ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :




In this article