United Parcel Service (UPS) has just announced that 51 of its franchised UPS stores in 24 states were hacked by identity thieves using a malware referred to as “Backoff” which was used to infiltrate remote desktop software such as Microsoft’s Remote Desktop, Apple’s Remote Desktop, Chrome’s Remote Desktop, Splashtop, Pulseway and LogMein that allow the convenience of logging into a computer from a remote location.   A warning about Backoff and its targeting of Point-of-sale credit and debit card processing at retailers was issued by the Department of Homeland Security on July 31st.  In response to this warning, UPS was able to find that it had been hacked starting on January 2, 2014.  It was able to remove the malware on August 11, 2014.  An estimated 105,000 credit card and debit card transactions were affected and the data from those cards was stolen, placing the cardholders in extreme danger of identity theft.


Here is a link to the UPS website page that lists which stores were affected http://www.theupsstore.com/security/Pages/default.aspx

UPS is offering identity theft protection and credit monitoring services free for a year to any customer who used a credit card or debit card at any of the hacked stores during the relevant period.  In order to get more information about obtaining these services contact UPS at 855-731-6016 or go to their website at http://www.theupsstore.com/security/Pages/default.aspx

It is important to note that the laws protecting you from fraudulent use of your debit card are not as strong as those protecting you from fraudulent use of your credit card.  Don’t use your debit card for anything other than an ATM card.  It is also important for everyone to monitor their credit card use regularly to promptly identify any fraudulent use.