It was announced this week that UPS was the latest in a string of major companies to suffer data breaches. The shipping company admitted on their website that 51 of their locations in 24 states had been hit by sophisticated and coordinated attacks on their point-of-sale systems. According to a post on the company’s website, the POS scam may have affected as many as 100,000 transactions that took place between January 20 and August 11 of this year. Customer data that may have been compromised during the breach includes names, email and physical addresses and payment card information.
According to the UPS’s post, the organization was first aware that their franchise locations may have suffered a breach when they received a government bulletin informing themof a broad-based malware intrusion that wasn’t being detected by standard antivirus software. Once UPS received the notification a security firm was hired to conduct a review of the company’s system, as well as those belonging to their franchise stores. Franchise locations are owned and operated individually and run on an independent, private network that is not connected to the other independent stores. Once all of the private systems were reviewed, it was discovered that some were indeed hosting malware that had affected their POS systems.
It took an alert from the government for UPS to know to look for malware on their systems, and without that notice the virus may have persisted for months or even years before being discovered. As cyberattacks become more frequent and sophisticated, waiting until a problem has already occurred isn’t enough to keep enterprise data safe a customers protected. Security information and event management solutions allow businesses to monitor their systems around the clock and can be alerted to any suspicious or anomalous behavior. Concierge SIEM services provide companies with actionable information they can use to defend against data breaches and stay ahead of hackers.