ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Hack Report (Credit Card Breach): UPS Store August 2014

Updated on August 30, 2014

Published August 28, 2014

by Rachael O'Halloran

UPS Store - Latest Breach

Source

Heads Up! This Could Affect YOU!

Affecting about 100,000 customers of The UPS Store.

The UPS Store announced this week that it had suffered a massive data breach at 51 of its sites across the United States.

Now Read It In The Way An Affected Consumer Might Read It

The UPS Store Notifies Customers Of Potential Data Compromise and Incident Resolution

San Diego CA – August 20, 2014 –

  • [I take it that this notice IS my official notification!]

The UPS Store, Inc., among many other U.S. retailers,

  • [Oh My God, what other stores have I shopped at that the government notified them of a breach. And, why the hell aren't they notifying ME?]

recently received a government bulletin regarding a broad-based malware intrusion not identified by current anti-virus software.

  • ["Broad-based" means nothing to me except maybe it reaches far from home base. "Not identified by current anti virus software simply means they don't know what it was.]

Upon receiving the [government] bulletin, The UPS Store retained an IT security firm and conducted a review of its systems and the systems of its franchised center locations.

  • [I'm sure they ran right out to get help and that there was a panic in the company, but hey, I matter too. What about getting a list of those customers and notifying them sooner, rather than later?]

The UPS Store discovered malware identified in the bulletin on systems at 51 locations in 24 states (about 1%) of 4,470 franchised center locations throughout the United States.

  • ["51 locations in 24 states out of 4,470" looks impressive and when one initially reads it, it makes the numbers appear to lessen the severity of the breach, which is the intention when you see numbers that try to minimize damage, but it doesn't fool me.
  • 51 is a lot, 24 locations is a lot - and that's just the one locations they know about.
  • 4,470 franchises tells me some people MAY be looking to get out of the franchise business and look for something more stable. When you have to rely on computer systems of a parent company, if and when the parent company goes down, you go down. Give me a Mom and Pop organization any day.]

Based on the current assessment by The UPS Store and the IT security firm, certain customers’ information, who used a credit or debit card at the 51 impacted franchised center locations between January 20, 2014 and August 11, 2014, may have been exposed. For some center locations, the period of exposure to this malware began after January 20, 2014. The malware was eliminated as of August 11, 2014 and customers can shop securely at all The UPS Store locations.

  • ["current assessment" means this is not the final assessment. "center locations" implies shopping center locations, I believe. They say "it was eliminated on August 11, 2014 and customers can shop securely now at all locations." But knowing they had a hack, would you shop there again? Maybe without a credit card, but still, name and addresses are collected for package handling. All a hacker needs is a name and address.]

Tim Davis, President The UPS Store, Inc said: “I understand this type of incident can be disruptive and cause frustration. I apologize for any anxiety this may have caused our customers. At The UPS Store the trust of our customers is of utmost importance. As soon as we became aware of the potential malware intrusion, we deployed extensive resources to quickly address and eliminate this issue. Our customers can be assured that we have identified and fully contained the incident,” Davis said.

  • [They quickly addressed the issue on their end, but they waited 8 months on my end to tell me of the breach. That's 7 months and 29 days too long. He said they "addressed and fully contained the incident." Sounds like they called "Ghostbusters."]

Data Breach: January 2014 through August 11, 2014

Here's the official announcement:

"The UPS Store Notifies Customers Of Potential Data Compromise and Incident Resolution-- San Diego CA – August 20, 2014 – The UPS Store, Inc., among many other U.S. retailers, [my emphasis -I am still looking for the many other US retailers] recently received a government bulletin regarding a broad-based malware intrusion not identified by current anti-virus software.

"Upon receiving the bulletin, The UPS Store retained an IT security firm and conducted a review of its systems and the systems of its franchised center locations.

"The UPS Store discovered malware identified in the bulletin on systems at 51 locations in 24 states (about 1%) of 4,470 franchised center locations throughout the United States.

"Based on the current assessment by The UPS Store and the IT security firm, certain customers’ information, who used a credit or debit card at the 51 impacted franchised center locations between January 20, 2014 and August 11, 2014, may have been exposed.

"For some center locations, the period of exposure to this malware began after January 20, 2014. The malware was eliminated as of August 11, 2014 and customers can shop securely at all The UPS Store locations.

“I understand this type of incident can be disruptive and cause frustration. I apologize for any anxiety this may have caused our customers.

Tim Davis, President The UPS Store, Inc. said:

"At The UPS Store the trust of our customers is of utmost importance. As soon as we became aware of the potential malware intrusion, we deployed extensive resources to quickly address and eliminate this issue. Our customers can be assured that we have identified and fully contained the incident.”

Free!

"Based on the current assessment, the earliest evidence of the presence of this malware at any location is January 20, 2014. For most The UPS Store locations, based on our current assessment, the period of exposure to this malware began after March 26, 2014. This malware was eliminated as of August 11, 2014 and customers can shop securely at The UPS Store."

~~*~~*~~*~~*~~*~~*

After their apology statement, they throw in the normal spiel that they will offer an identity and credit monitoring service for 12 months that helps ONLY affected consumers to monitor their credit reports. Sometimes a company offers this for free for a set length of time; some are not free and are only discounted.

They should all be free!

It was not the consumer's fault that their company got hit with malware, but the consumer is the one who gets hurt in the end with compromised credit.

The monitoring service is available to those who used a debit or credit payment card at any of the 51 locations which were hit by malware during the stated date ranges. Your credit card statement or receipt is your proof of eligibility for the identity and credit monitoring service the company is offering.

Who keeps those receipts after checking their credit card statement, if they even bother?

Ok, I do and maybe some of you too. But I have a husband who tosses them in the trash can right outside the store (yes, he makes me crazy!!!) and I've seen other people just leave them on the counter, then leave the store.

If the store's computers didn't get hacked, the store trash receptacles can be gold mine for an opportunistic dumpster diving thief. It just takes a name, the last 4 digits of a credit card number on the receipt and if an address is also available in order to be able to track someone - either the sender or the recipient on the other end.

Although offering a credit monitoring service is all well and good, I still think the consumer is getting the short end of the stick here because these companies have insurance for this type of thing, so that they can offer that identity monitoring service for free or almost free because they are covered for it.

What would you like to see these companies offer to consumers in addition to a monitoring service? (See Poll)

Choose a Freebie!

In addition to credit report monitoring, I think all breached companies should offer ONLY affected consumers:

See results

Author's Note

It is real easy to remember a company for a breach. Don't we always remember something bad before we remember something good about a company?

I don't see anything wrong with companies giving out gift cards for free services (or a meal or two if it was a food establishment), something where they will be remembered for their benevolence.

Giving me free credit services is something I can get on my own. For Free. It really isn't costing these companies much money at all - perhaps the cost of insurance premiums.

Every time you report a breach at your favorite store where you have shopped with a credit card, debit card or by check, it is a federal law that you automatically get free monitoring services from the credit card companies and banks for minimum 6 months.

Watching your credit card and bank statements is something that you can get for free.

If you want me to think better of a company, give me something for free I can use - gift card for restaurants, merchandise discounts, etc.

The UPS Store Apology

"We apologize for any inconvenience and impact this incident may have had on our customers. The UPS Store is offering identity protection and credit monitoring services to impacted customers.

In order to take advantage of this service, please visit https://theupsstore.allclearid.com.

In addition, customers are encouraged to closely monitor their card account activity and take other steps to help protect themselves outlined in the customer letter. The UPS Store representatives are available at 1-855-731-6016 for additional assistance."


The impacted center locations, along with the timeframe for potential exposure to this malware at each location, follows this statement.

List of Affected UPS Stores

State
Address
Malware Intrusion Date
Arizona
10645 North Tatum Boulevard, Suite 200, Phoenix
April 29, 2014
 
5402 East Lincoln Driv, Scottsdale
January 26, 2014
 
500 North Estrella Parkway Suite #B2, Goodyear
January 26, 2014
 
3800 West Starr Pass Boulevard, Tucson
January 26, 2014
California
3419 East Chapman Drive, Orange
April 29, 2014
 
25A Crescent Drive, Pleasant Hill
April 29, 2014
 
1608 West Campbell Avenue, Campbell
July 1, 2014
 
3230 Arena Boulevard Suite 245, Sacramento
April 29, 2014
Colorado
3124 South Parker Road #A2, Aurora
March 26, 2014
 
5910 South University Boulevard Suite C-18, Greenwood Village
April 29, 2014
 
12081 West Alameda Parkway, Lakewood
April 29, 2014
Connecticut
35 East Main Street, Avon
March 28, 2014
 
1131 Tolland Turnpike Suite O, Manchester
July 1, 2014
Florida
2910 Kerry Forest Parkway D4, Tallahassee
January 20, 2014
 
1400 Village Square Boulevard #3, Tallahassee
January 20, 2014
Georgia
2700 Braselton Highway Suite #10, Dacula
April 29, 2014
 
1353 Riverstone Parkway Suite 120, Canton
April 29, 2014
 
1029 Peachtree Parkway North, Peachtree City
April 29, 2014
 
6361 Talokas Lane, Suite C140, Columbus
January 26, 2014
Idaho
6700 North Linder Road Suite 156A, Meridian
April 29, 2014
Illinois
2033 North Milwaukee Avenue, Riverwoods
July 1, 2014
 
276 East Deerpath Road, Lake Forest
March 26, 2014
Louisiana
17732 Highland Road Suite G, Baton Rouge
April 29, 2014
Maryland
10816 Town Center Boulevard, Dunkirk
April 29, 2014
Nebraska
4089 South 84th Street, Omaha
July 1, 2014
Nevada
5575 Simmons Street Unit 1, North Las Vegas
April 29, 2014
 
2657 Windmill Parkway, Henderson
July 1, 2014
 
7435 South Eastern Avenue Suite 105, Las Vegas
July 1, 2014
 
561 Keystone Avenue, Reno
April 29, 2014
New Jersey
1385 Highway 35, Middletown
April 29, 2014
 
1409 Marlton Pike Route 70 East, Suite 168, Cherry Hill
April 29, 2014
 
201 Strykers Road, Suite 19, Lopatcong
April 29, 2014
New York
420 South Riverside Avenue, Croton On Hudson
April 29, 2014
 
2520 Vestal Parkway East Suite 2, Vestal
April 29, 2014
 
2316 Delaware Avenue, Buffalo
April 29, 2014
North Carolina
6409 Fayetteville Road, Suite 120, Durham
April 29, 2014
 
2217 Matthews Township Parkway, Suite D, Matthews
April 29, 2014
 
1639 US Highway 74A Bypass, Spindale
July 1, 2014
 
217 Paragon Parkway, Clyde
April 29, 2014
North Dakota
387 15th Street West, Dickinson
March 26, 2014
Ohio
829 Bethel Road, Columbus
April 29, 2014
Oklahoma
1006 West Taft Street, Sapulpa
April 29, 2014
Pennsylvania
322 Mall Boulevard, Monroeville
July 1, 2014
 
512 Northampton, Edwardsville
April 29, 2014
South Dakota
2601 South Minnosota Avenue Suite 105, Sioux Falls
July 1, 2014
Tennessee
115 Penn Warren Drive #300, Brentwood
April 29, 2014
 
1138 North Germantown Parkway Suite 101, Cardova
April 29, 2014
Texas
2201 Long Prairie, Suite 107, Flower Mound
April 29, 2014
 
5605 FM 423, Suite 500, Frisco
April 29, 2014
Virginia
3445 Seminole Trail Route 29 North, Charlottesville
April 29, 2014
Washington State
1400 West Washington Stree Suite 104, Sequim
April 29, 2014
There was an all clear for transactions issued on August 11, 2014.

Links You Will Need

https://theupsstore.allclearid.com/

  • Fill out the form to verify you used a payment card at the relevant time at the stated store. (see list of stores in this article)

However, my thing about that form is this:

  • If the company said they didn't have enough information to locate the affected consumers, filling out this form must mean they have SOME amount of information to identify you to make sure you are an affected consumer! Right?
  • I think - as with all breaches -companies wanting consumers to fill out this form is a case of bringing Mohammed to the Mountain instead of bringing the Mountain to Mohammed. Laziness.
  • This form also brings out people who file claims fraudulently saying they are part of the breach and they really are not. They should lock up their butts too, in my humble but very opinionated opinion. lol

The UPS Store Home Page - News and Updates Section

US Federal law requires all three nationwide consumer credit reporting companies - Equifax, Experian and TransUnion - to give you a free credit report every 12 months if you ask for it. ASK!

Credit Karma - Free Credit Report - Great site offers free service.

Experian - Get a one time credit report for $1.00

Equifax - THIS IS A SERVICE OFFERED FOR A $19.95 PER MONTH FEE - gives credit reports for all 3 top credit reporting agencies by filing a request here. Credit card required!

Experian Identity Theft Protection - $15.95 per month monitoring service

Freecreditreport.com - FREE once a year report - if you want credit score, it carries a $1.00 fee

~~*~~*~~*~~*~~*~~*~~*~~*~~*

Rachael O'Halloran's "Common Sense" Security List™

  1. Any identity protection services offered by a breached company should be completely free - NOT discounted. If it is discounted, call the company and tell them you want it for free. Minimum ONE YEAR.
  2. Whether there has been a breach or not, as a normal practice, always review your credit card statements carefully and call your bank if you see any suspicious transactions.
  3. After a breach, there will always be some crook who starts up a scam by sending emails or making phone calls offering people identity theft protection. They are "phishers" of men. HANG UP.
  4. If, after ANY breach, if your bank or credit card company doesn't offer ID protection, (which they should), tell them you are going to find a company who cares about their customers. Follow through and do it!
  5. Anytime you hear of a breach, go to that company's website and on the security information screen, click on the links to see what areas have been breached. Then review your activity by using your calendar or credit card statements to see if you have crossed paths. Go back 6 months longer than the stated date on the breach because they always underestimate the starting date of malware breaches. (example: Target - 1 year longer, PFChang - 3 months longer)
  6. If a company offers an IDPROTECT™, LIFELOCK™, ALLCLEAR ID™ or similar type coverage, go to their website and check with them for the latest news. BOOKMARK IT so you have it to come back to or to forward to friends. Usually - and I use the word loosely - usually the personal information you enter to sign up for their FREE monitoring services is safe.

NOTE:

  1. Never use the same password for more than one website or company.
  2. Change passwords every 3 to 6 months.
  3. If you haven't visited a company's website of a card that you use often, it's time to take a look.

Data breaches are happening so often now that the US Government issued an advisory publication about POS (Point Of Sale) Malware and you can read it here:

So, get on the ball and keep track of your personal footsteps so if and when you ever get notified of a breach, it won't come as such a big shock to you.

You will, at the very least, be minimally prepared.

  • I have moved a lot of articles over to my blogs and I stopped reporting on breaches on HubPages about 2 months ago due to some harassing emails telling me that I was getting people upset about them each time I reported a new breach. "Stop reporting about breaches. We don't wanna know," one email said. Another said I should "You should concentrate on one thing - COPYRIGHTS and don't write about anything else."

Since both of those people were sockpuppet names (fake accounts, since closed) for other HP names, I don't know who they were, nor do I care. I write what I wish. I took the two months time to get my blogs in order. So if my breach articles are not as frequent, it is because I am putting them on my blogs. At the moment, I do not have one single unfeatured hub, so if HubPages decides they don't like the breach reports, they can unpublish them or at the very least they can unfeature them.

Thank you for reading.

Rache

Think About Requesting A Security Freeze At Credit Bureau

Disclaimer: This is what I, Rachael O'Halloran, do to help me keep on top of things. This list is by no means a guaranteed fix. These are suggestions.

I put a Security Freeze (credit freeze) on my credit file with each of the top three credit bureaus - Experian, Equifax and TransUnion.

  • This keeps all those pesky credit card applications and other offers (insurance, timeshare, refinance mortgage, donation requests etc.) from coming in the mail.

Typically, I don't apply for new credit cards during the freeze time because they will not be able to access my credit report.

  • However, I always apply for a single credit card at least ONE TIME, to make sure the freeze is working. I just make sure it is a credit card application I don't particularly have my heart set on being approved. If I get the card, I know the freeze is not on and I have to find out why. If I am denied because they can't access credit report, I know it worked.

Each company who sends a credit card offer has to have already accessed your credit report (and they do it without your consent!) in order to know if you are a good risk or not so they can make an offer to you.

The freeze is good for as long as you want it (up to 5 years) and can be removed at any time.

  • If you are going to buy a house or make a large purchase (apply for a home equity loan, buy a car, any kind of loan, etc.) in the next 6 months, this is NOT a good idea because of the turn-around time involved in putting on and taking off the freeze.
  • It takes 30 to 60 days to get you set up for the system stops the inquiries, and then another 30 days to forget all about you when you take it off.

If you have no big life decisions or purchases in your immediate future, go for it.

After two years, I lifted mine because we bought houses in Virginia and in Florida when moving from California. But when we were settled, I put the freeze back on again with all three credit reporting companies.

It didn't cost me a dime here on the East Coast, but when I lived in California I had to pay a $5.00 fee. I am told it varies by the state you live in.

They will require some identification before honoring the freeze request. Name, Social Security Number, Date of Birth, Proof of residence, all home Addresses for the last 10 years and a copy of a driver's license or government issue ID.

  • This is peace of mind for me only to keep those hundreds of offers from being sent in the mail and to keep my credit score in the excellent range.

Freezing keeps my credit score from fluctuating because each inquiry makes your credit score drop a certain number of points.

  • Don't ask me how they tabulate it. I just see mine going down when I'm not on a freeze and I keep getting all those mailings.

For example: I was at 950 credit score in California. I lifted the freeze to buy the 2 houses and make some large purchases on time payments (credit). Just for the 8 months of not having the freeze on the credit report, it went down to 825 points. Still in a good range, but a big drop in rating points. Then the offers started pouring in.

I got over 300 offers in the mail for:

  • Credit cards, debit cards, pre-paid cards
  • Financing a home mortgage
  • Offering better mortgage rates
  • Refinancing mortgage
  • You won 3 days, 2 nights weekend to come to our timeshare pitch. Because of your excellent credit rating, (and they put my rating in their letter!) we are prepared to offer you special financing so you buy at our rock bottom prices. Hurry, offer expires (date). You can count on getting another offer from them within 30 days with an extended date.
  • We will buy your timeshare (has my timeshare address and their ballpark money offer!)
  • We will eliminate your timeshare fees for life! (I see on my credit report that they checked my credit to see if I qualified for their program).
  • $100,000 life insurance GUARANTEED for your age! (it always says it is at a good rate, no matter how old I am, because I've been getting these for 20 years. The offers always include all my personal information - age, date of birth, residence, and health status)
  • I can't tell you how many donation requests I get. They increase every year in June and January.

So you can see that your credit report doesn't only keep a list of your credit cards, mortgages and other loans. Each time an inquiry is made - that is anyone who ever asked about you, ran a credit check or accessed your credit file for any reason - your credit report shows you their name, address and phone number, with the date they inquired. This is whether you get the credit card or take them up on their offer or not. It is still listed.

  • If you decided to put a freeze on your account for companies not to be able to make inquiries or send you their offers, write down your credit rating at start of the freeze and compare it to the rating at the end of the freeze, allowing at least one year from beginning to end.
  • Then leave off the freeze, noting the credit score and allow at least 6 to 9 months to go by while receiving all those offers and compare your credit rating.

I put my freeze back on in June 2014 and I am just now in August 2014 I'm seeing a reduction in mail offers. My credit rating is back up in the healthy 900's.

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

Your credit rating impacts anything you want to do -

  • buy a car,
  • get a credit card of your choice,
  • buy a house, and
  • sometimes getting a job, especially in financial services fields - where they check your credit score to make sure you are not in bankruptcy so they don't think you are a risk to their financial department. (think: embezzlement, cooking the books, etc.)

How Do You Feel About Articles On Breaches?

Lately, I have been chastised for writing articles on Data Breaches. Please state your "anonymous" opinion:

See results
Source

Do Not Copy

© Rachael O'Halloran, August 28, 2014

Comments

Submit a Comment

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #ologsinquito

    Oh, they do. They just don't all get reported. Like today, for example. Buried in the news reports is a little item that Google had over 5 million logins and passwords breached. Did you hear about it? Probably not, because big companies like Google can bury these stories.

    The story reads:

    5 million logins and passwords for Google plus and Gmail accounts was breached earlier this week and published on the Bitcoin Security board, which is a Russian cybersecurity forum.

    The guy who published them said 60% were valid because as soon as Google saw the breach, they said they notified users to change passwords. Yet in the same breath, Google said on the Russian forum's blog, that it analyzed the logins and passwords and found that less than two percent might have worked and they weren't worried about it.

    Earlier this week, around 6 million logins and passwords of users of Yandex were leaked. But Yandex insisted that their database was not compromised.

    No one wants to own up that it happened and when it does, they cover it up with lame excuses or explanations.

    Home Depot was hacked over a week ago and just Tuesday acknowledged that it was true for over 2200 stores in the US & Canada. It is an even bigger breach than the Target episode. So that's pretty bad.

    Keeping it quiet doesn't do anyone any good. If companies don't get on the ball, there should be sanctions to them for not reporting in a timely manner.

    Thanks for reading and commenting.

  • ologsinquito profile image

    ologsinquito 3 years ago from USA

    Given how smart some and persistent hackers are, I'm surprised these breaches don't happen much more regularly, with all the online and computerized transactions that take place.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #teaches12345

    UPS is just one of 12 new breaches in the past two weeks. Home Depot is the newest one as of 3 days ago. Their site shows the zip codes of the stores who were breached, although they are hesitant to call it a breach yet. Credit cards and debit cards have already been sold on "card shop" websites and consumers have reported the theft and been issued new cards. The fact that Home Depot is waiting so long to own up doesn't speak well of them or their (dis) regard for their customer base.

    I think Lowe's Stores and other home improvement stores are going to get a lot of new customers.

    UPS was quick to own up and they were quick to address it with the obligatory FREE credit reports, Unfortunately there is not much more a company can do but give FREE credit reports and warn customers that they need to cancel their cards and get new ones issued.

    I'm glad your area is in the clear. Thanks for reading.

  • teaches12345 profile image

    Dianna Mendez 3 years ago

    I'm relieved my area is not one of the breached stores. It is so difficult these days to keep abreast of all the identity theft. Glad you are writing these posts Rachael.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #Gypsy Rose Lee

    You are one of the fortunate ones. Thank you for reading and commenting.

  • Gypsy Rose Lee profile image

    Gypsy Rose Lee 3 years ago from Riga, Latvia

    Having no credit cards this information makes me glad I made that choice. For those who are affected this is very good information and thoroughly researched.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #vkwok,

    You're right, it is scary.

    What I find hard to believe is that this breach didn't get more than a few minutes of airtime because it is important to the public. Our television news and other media are so censored that we only get access to what they want us to know. Do you know where I found out about this breach?

    On a United Kingdom (UK) website that came through on my Google Alerts that I have set up for "data breach" "credit card breach" "hackers" and things like that.

    When I searched the web for it, I found a blurb on CNN and a more intensive report on a government website that is set up as a watchdog site, which I now subscribe to. lol

    Thank you for reading, commenting and being a loyal reader.

  • vkwok profile image

    Victor W. Kwok 3 years ago from Hawaii

    It is always scary that there is somewhere out there stealing information that could affect us, but even more scary that the companies whose responsibility it was to protect that information aren't going to do a decent job of backing us up.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #breakfastpop

    Working on my July & August 2014 report now. It is a doozy! Thanks for reading and commenting.

  • breakfastpop profile image

    breakfastpop 3 years ago

    I appreciate your articles. I want to know how my information is being compromised on a daily basis! You are performing a great service. Voted up and useful and awesome.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #MsDora and #bravewarrior

    I am looking into who the other companies might be ... it will take me a while so when I know, all my readers will know too. lol

    The UPS Store breach made the national news for 10 seconds in the "In Other News" type of snippets. Local news at our other home in Virginia didn't cover it at all. It was kept under wraps pretty well.

    I am so far behind in my "data breach" reading since getting back from our two week vacation.

    This UPS breach was resolved on 8/11/2014 and they didn't notify the "select public" until 8/22. I didn't get to it until 8/26, then researched it for a few days and took a few hours to write it.

    I wish these companies would come clean in the beginning, instead of covering their butts first, and maybe consumers can start watching their credit statements more diligently instead of just giving the credit card statements the once over.

    I buy a lot on the internet and often have no cash register receipt. I have a printout from the computer screen. Sometimes I don't even bother to look at those when checking my 10 page statement (1 card) and just "know" that a charge on the bill was from an internet charge and forget about it, going on to charges I do have receipts for.

    How many others chalk internet charges up and they could be one of those charges that card thieves sneak in there to see if a credit card is good to go?

    So I have begun to CHECK EVERYTHING and I have found several charges for $1.98 and $4.99 for places I never heard of and really never bought anything from them.

    I reported the charges and they were removed, but I am now on top of it better because I check the statement online every couple of days for charges that shouldn't be there.

    It took one time in California for a breach to hit us after a restaurant got hit and I will never be caught unawares again. We only carry one card now and use it for internet purchases, gasoline and doctor's offices (who don't take cash here bec of high theft incidents). We are starting to pay by check to all those who won't take cash.

    When our one card goes bad again, we will do as before and revert to cash to those who will take it and those who won't take it, will have to wait for their money to get paid by check in the mail.

    @ people not being so nice about my breach hubs: I decided there are more who want to know, than those who don't. My blogs are not open to the general public, are by membership only for select groups who care about the topics. My following is word of mouth and I like it that way. I am not out to make a million bucks off of them. My Tumblr blogs are open to the public and most people find me there with more lighthearted fare that doesn't require comments. lol

    Thank you both for your support and for commenting on this important issue.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #FlourishAnyway,

    Yes, the ink they use on the cash register receipts has so many toxins in it, you wouldn't believe.

    If I have a receipt that I know I will need for at least a year - income tax, warranty info, etc. - I run it through my scanner so I have a better printed copy. When the ink fades on the store receipt (designed to do so in 30 to 45 days in less than ideal conditions and 60 to 90 days in good climate conditions), that way I don't get upset when I can no longer read it.

    The handling of it is a "wash your hands twice and a 3rd time for good measure" kind of thing because of all the BPA's on the receipt. Thank you for your support and commenting on my work.

  • bravewarrior profile image

    Shauna L Bowling 3 years ago from Central Florida

    Rachael, I don't use the UPS Store but I'm curious as to the "other companies" that were affected.

    I check my statements monthly and attach all receipts to them. I never throw them away. Well, that is until it's safe to destroy a particular year's documents.

    As for people who complain about your breach hubs, I blow raspberries their way. Your hubs are informative and are only intended to help. How in the world can that be a bad thing?

  • MsDora profile image

    Dora Isaac Weithers 3 years ago from The Caribbean

    This could be a major upset, and customers are caught off guard, not expecting to need some of the document they might have already destroyed. I commend you for educating us along these lines with such thorough research. Thank you.

  • DDE profile image

    Devika Primić 3 years ago from Dubrovnik, Croatia

    You always have such well-researched hubs. Your efforts are worth anyone's time to stop by and read the important information.

  • FlourishAnyway profile image

    FlourishAnyway 3 years ago from USA

    The whole thing with keeping your receipt is compromised somewhat by the fading ink that many stores use (I kid you not). Keep the receipt out of the sun or heat because the type can disappear. You help keep folks informed.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #billybuc,

    You are far too kind and I very much appreciate your praise. Some articles are real bears to research and others flow so easily that I wonder what I forgot. I guess because I write for Wikipedia and IMDb -both of which require intensive research - that I am just immune to the amount of work. But you are right, it IS work. I started some blogs a few months ago (13 of them so far!) and I'm trying to keep up with original content for them. They all are about "history," so my head is in the research game 24/7. Thank you for appreciating what I do and for your ongoing support.

  • billybuc profile image

    Bill Holland 3 years ago from Olympia, WA

    I'm always amazed by your hubs. I don't think people understand how much research goes into an article like this one. The stuff I write is just off the cuff, but your articles require so much work. My hat is off to you young lady. I love your commitment to telling it straight and helping others.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #Brie Hoffman,

    Oh how I wish I could be too! Unfortunately we need a credit card for our doctors offices, because they won't take cash or bank transfer due to high theft. After having one card, it is only a matter of time before everything gets charged - food, gasoline, etc. We pay the bill off every month in full, so it doesn't cost us anything to have it. But every time I hear about a store being breached, if it is one that I frequent, I do a mental run through of when I've been there. Thanks for reading and commenting, Brie.

  • Brie Hoffman profile image

    Brie Hoffman 3 years ago from Manhattan

    It's news like this that makes me glad I have been credit card free for over 6 years now.