US
Company Details
Linkedin ID:
the-ups-store
Website:
Employees number:
11,394
Number of followers:
32,391
NAICS:
43
Industry Type:
Homepage:
theupsstore.com
IP Addresses:
0
Company ID:
THE_5822149
Scan Status:
In-progress
The UPS Store Company CyberSecurity Posture
theupsstore.com
With more than 5,000 locally owned locations across North America, The UPS Store is the nation’s largest retail network of shipping, postal, printing and business service centers. The UPS Store, Inc., franchisor for The UPS Store locations in the U.S., is a wholly owned subsidiary of UPS. The UPS Store franchise locations offer consumers and small businesses a wide range of products and services to meet all their needs in one convenient location, including printing, packaging, shipping, mailbox services, moving supplies and other in-center services. The UPS Store has been recognized as the No. 1 Postal & Business Services franchise for 31 years straight by Entrepreneur Magazine “Franchise 500.” USA Today, G.I. Jobs recognized The UPS Store franchise as one of the 50 Top Franchises for Military Veterans. Additionally, The UPS Store franchise was named American Brand Excellence Award Winner in the Retail category by City Business Journals. The UPS Store retail ownership opportunities are available to “qualifying entrepreneurs.” The UPS Store has opportunities throughout the U.S. and Canada. Through an association with Franchise America Finance and The Bancorp Bank, The UPS Store also offers the option of national funding for qualified franchisee candidates. Be your own boss by opening a The UPS Store retail location. Learn more at https://www.theupsstorefranchise.com/
The UPS Store A.I CyberSecurity Scoring
US Risk Score (AI oriented)Between 700 and 749
US
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
US Global Score (TPRM)XXXX
US
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
US Company CyberSecurity News & History
Past Incidents
3
Attack Types
1
The UPS Store, Inc.
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The Washington State Office of the Attorney General reported a data breach involving The UPS Store, Inc. on November 26, 2019. The breach occurred between October 11 and 22, 2019, as a result of a phishing incident affecting 506 Washington residents, potentially compromising names, Social Security numbers, driver's license or ID card numbers, and financial information.
The UPS Store, Inc.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Washington State Office of the Attorney General reported a data breach involving The UPS Store, Inc. on January 20, 2020. The breach, which occurred between September 29, 2019, and January 13, 2020, was caused by a phishing attack, affecting 963 residents and compromising various types of personal information including names and Social Security numbers.
The UPS Store, Inc.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On August 20, 2014, The UPS Store, Inc. experienced a malware intrusion affecting 51 franchised center locations in 24 states. The breach potentially exposed customer names, postal addresses, email addresses, payment card information, Social Security numbers, and driver’s license numbers for those who made purchases between January 20, 2014, and August 11, 2014.
US Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for US
Incidents vs Retail Industry Average (This Year)
No incidents recorded for The UPS Store in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for The UPS Store in 2025.
Incident Types US vs Retail Industry Avg (This Year)
No incidents recorded for The UPS Store in 2025.
Incident History — US (X = Date, Y = Severity)
US cyber incidents detection timeline including parent company and subsidiaries
US Company Subsidiaries
With more than 5,000 locally owned locations across North America, The UPS Store is the nation’s largest retail network of shipping, postal, printing and business service centers. The UPS Store, Inc., franchisor for The UPS Store locations in the U.S., is a wholly owned subsidiary of UPS. The UPS Store franchise locations offer consumers and small businesses a wide range of products and services to meet all their needs in one convenient location, including printing, packaging, shipping, mailbox services, moving supplies and other in-center services. The UPS Store has been recognized as the No. 1 Postal & Business Services franchise for 31 years straight by Entrepreneur Magazine “Franchise 500.” USA Today, G.I. Jobs recognized The UPS Store franchise as one of the 50 Top Franchises for Military Veterans. Additionally, The UPS Store franchise was named American Brand Excellence Award Winner in the Retail category by City Business Journals. The UPS Store retail ownership opportunities are available to “qualifying entrepreneurs.” The UPS Store has opportunities throughout the U.S. and Canada. Through an association with Franchise America Finance and The Bancorp Bank, The UPS Store also offers the option of national funding for qualified franchisee candidates. Be your own boss by opening a The UPS Store retail location. Learn more at https://www.theupsstorefranchise.com/
Loading...
US Similar Companies
ALDI USA
Thank you for your interest in ALDI. We are aware of attempts to deceive applicants through fraudulent websites and email domains. Please know, ALDI recruiters will only contact you from an @aldi.us email address. As one of America’s favorite grocers, we believe in offering value and quality in
Nike
NIKE, Inc. is a purpose-driven organization energized by a shared commitment to move the world forward through the power of sport. We champion diversity and amplify individual passions to bring inspiration and innovation to every athlete* in the world. Here, every teammate has a role to play. We
Jewel-Osco
Proudly serving our customers in the Chicagoland area since 1899, Jewel-Osco provides friendly service, quality products and great value. Jewel-Osco operates 188 stores throughout the Chicagoland area, Indiana and Iowa, which is part of a 2,200+ store operation that employs approximately 290,000 peo
SAIEP
Supermercados La Anónima es líder absoluto en el mercado de venta de productos masivos en la Patagonia, tanto por el número de locales que opera como por su nivel de ventas. Presente en 75 ciudades del interior del país. Opera con tres unidades de negocios en su actividad principal, y cuenta con
Dollarama
Dollarama was founded by third-generation retailer and Canadian entrepreneur, Larry Rossy. It all started with one store, in Matane, Quebec, in 1992, and quickly grew over the next two decades to become a household name and shopping destination for Canadians from coast to coast. Dollarama today is
TJX Europe
TJX Europe is an exciting place to work with a rapid pace, different challenges every day, and a unique culture of teamwork and collaboration. We are the leading off-price retailer of fashion and homeware worldwide. Our brands in Europe are TK Maxx and Homesense, while elsewhere in the world we hav
Walmart
Sixty years ago, Sam Walton started a single mom-and-pop shop and transformed it into the world’s biggest retailer. Since those founding days, one thing has remained consistent: our commitment to helping our customers save money so they can live better. Today, we’re reinventing the shopping experien
Albertsons Companies
Albertsons Companies is one of the largest food and drug retailers in the United States, with over 2,200 stores in 34 states and the District of Columbia. Our well-known banners include Albertsons, Safeway, Vons, Jewel-Osco, Shaw's, Acme, Tom Thumb, Randalls, United Supermarkets, Pavilions, Star Mar
Kmart Australia Limited
We’re Team Kmart, on a mission to make everyday living brighter for our customers by improving the Kmart shopping experience – every time and everywhere they engage with us. For over fifty years now, we’ve been spreading the Kmart love to families of all shapes and sizes in Australia, then New Zea
.png)
US CyberSecurity News
October 20, 2025 07:00 AM
AWS ‘Returned to Normal Operations’ After Major Outage
There was a sharp rise in AWS users reporting issues with the website on Downdetector in the early hours of Monday morning.
October 07, 2025 07:00 AM
Mindgard Ups the Ante for Security of AI – Appoints Proven Cybersecurity Leader James Brear to Capture Expanding Market Opportunity
Mindgard, the leading provider of Artificial Intelligence security solutions, today announced the appointment of James Brear as Chief...
August 20, 2025 11:05 AM
Google Cloud Platform Ups Its Security Features: A Comprehensive Look at Enhanced Safeguards
At the 2025 Cloud Security Summit, the tech giant unveiled its new AI Protection Solution, designed to automatically detect and safeguard against AI agents.
July 28, 2025 07:00 AM
UPS’s AI Strategy: Analysis of Dominance in Logistics AI
UPS's AI strategy leverages data, automation, digital twins to dominate logistics through predictive optimization ,intelligent...
July 25, 2025 07:00 AM
Irish cybersecurity start-ups to watch in 2026
Discover Ireland's top cybersecurity start-ups to watch in 2026, from AI-driven threat defense to medical device security and encryption...
June 16, 2025 07:00 AM
SKT resumes eSIM sign-ups after 40-day suspension
Korea's largest mobile carrier SK Telecom resumed new subscriber sign-ups using eSIM technology on Monday, marking the end of a 40-day suspension.
February 06, 2025 08:00 AM
Small Business Grants You Can Apply For in February 2025
Cash in this winter with a private business grant to boost your company and get head of the competition. Written by. Isobel O'Sullivan.
September 02, 2024 07:00 AM
New Voldemort Malware Using Google Sheets To Store Stolen Data
Hackers abuse Google Sheets to covertly store and transmit stolen data or execute malicious scripts, taking advantage of its trusted platform status and...
May 23, 2024 07:00 AM
11 start-ups shaking up the cybersecurity landscape
Here are some of our top picks for cybersecurity start-ups around Europe that have been making waves in their fields.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
US CyberSecurity History Information
Official Website of The UPS Store
The official website of The UPS Store is https://www.theupsstore.com.
The UPS Store’s AI-Generated Cybersecurity Score
According to Rankiteo, The UPS Store’s AI-generated cybersecurity score is 738, reflecting their Moderate security posture.
How many security badges does The UPS Store’ have ?
According to Rankiteo, The UPS Store currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does The UPS Store have SOC 2 Type 1 certification ?
According to Rankiteo, The UPS Store is not certified under SOC 2 Type 1.
Does The UPS Store have SOC 2 Type 2 certification ?
According to Rankiteo, The UPS Store does not hold a SOC 2 Type 2 certification.
Does The UPS Store comply with GDPR ?
According to Rankiteo, The UPS Store is not listed as GDPR compliant.
Does The UPS Store have PCI DSS certification ?
According to Rankiteo, The UPS Store does not currently maintain PCI DSS compliance.
Does The UPS Store comply with HIPAA ?
According to Rankiteo, The UPS Store is not compliant with HIPAA regulations.
Does The UPS Store have ISO 27001 certification ?
According to Rankiteo,The UPS Store is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of The UPS Store
The UPS Store operates primarily in the Retail industry.
Number of Employees at The UPS Store
The UPS Store employs approximately 11,394 people worldwide.
Subsidiaries Owned by The UPS Store
The UPS Store presently has no subsidiaries across any sectors.
The UPS Store’s LinkedIn Followers
The UPS Store’s official LinkedIn profile has approximately 32,391 followers.
NAICS Classification of The UPS Store
The UPS Store is classified under the NAICS code 43, which corresponds to Retail Trade.
The UPS Store’s Presence on Crunchbase
No, The UPS Store does not have a profile on Crunchbase.
The UPS Store’s Presence on LinkedIn
Yes, The UPS Store maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/the-ups-store.
Cybersecurity Incidents Involving The UPS Store
As of November 27, 2025, Rankiteo reports that The UPS Store has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
The UPS Store has an estimated 15,247 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at The UPS Store ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: The UPS Store Data Breach
Description: The UPS Store, Inc. experienced a malware intrusion affecting 51 franchised center locations in 24 states, potentially exposing customer names, postal addresses, email addresses, payment card information, Social Security numbers, and driver’s license numbers for those who made purchases between January 20, 2014, and August 11, 2014.
Date Detected: 2014-08-20
Date Publicly Disclosed: 2014-08-20
Type: Data Breach
Attack Vector: Malware
Title: Data Breach at The UPS Store, Inc.
Description: The Washington State Office of the Attorney General reported a data breach involving The UPS Store, Inc. on November 26, 2019. The breach occurred between October 11 and 22, 2019, as a result of a phishing incident affecting 506 Washington residents, potentially compromising names, Social Security numbers, driver's license or ID card numbers, and financial information.
Date Detected: 2019-11-26
Date Publicly Disclosed: 2019-11-26
Type: Data Breach
Attack Vector: Phishing
Title: Data Breach at The UPS Store, Inc.
Description: The Washington State Office of the Attorney General reported a data breach involving The UPS Store, Inc. on January 20, 2020. The breach, which occurred between September 29, 2019, and January 13, 2020, was caused by a phishing attack, affecting 963 residents and compromising various types of personal information including names and Social Security numbers.
Date Detected: 2020-01-20
Date Publicly Disclosed: 2020-01-20
Type: Data Breach
Attack Vector: Phishing
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach THE1043072625
Data Compromised: Customer names, Postal addresses, Email addresses, Payment card information, Social security numbers, Driver’s license numbers
Incident : Data Breach THE1034072725
Data Compromised: Names, Social security numbers, Driver's license or id card numbers, Financial information
Incident : Data Breach THE232072825
Data Compromised: Names, Social security numbers
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Customer Names, Postal Addresses, Email Addresses, Payment Card Information, Social Security Numbers, Driver’S License Numbers, , Names, Social Security Numbers, Driver'S License Or Id Card Numbers, Financial Information, , Names, Social Security Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach THE1043072625
Entity Name: The UPS Store, Inc.
Entity Type: Retail
Industry: Shipping and Logistics
Location: 24 states in the USA
Incident : Data Breach THE1034072725
Entity Name: The UPS Store, Inc.
Entity Type: Company
Industry: Retail
Location: Washington
Customers Affected: 506
Incident : Data Breach THE232072825
Entity Name: The UPS Store, Inc.
Entity Type: Business
Industry: Retail
Customers Affected: 963
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach THE1043072625
Type of Data Compromised: Customer names, Postal addresses, Email addresses, Payment card information, Social security numbers, Driver’s license numbers
Sensitivity of Data: High
Incident : Data Breach THE1034072725
Type of Data Compromised: Names, Social security numbers, Driver's license or id card numbers, Financial information
Number of Records Exposed: 506
Sensitivity of Data: High
Incident : Data Breach THE232072825
Type of Data Compromised: Names, Social security numbers
Number of Records Exposed: 963
Sensitivity of Data: High
References
Where can I find more information about each incident ?
Incident : Data Breach THE1043072625
Source: California Office of the Attorney General
Date Accessed: 2014-08-20
Incident : Data Breach THE1034072725
Source: Washington State Office of the Attorney General
Date Accessed: 2019-11-26
Incident : Data Breach THE232072825
Source: Washington State Office of the Attorney General
Date Accessed: 2020-01-20
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2014-08-20, and Source: Washington State Office of the Attorney GeneralDate Accessed: 2019-11-26, and Source: Washington State Office of the Attorney GeneralDate Accessed: 2020-01-20.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2014-08-20.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2020-01-20.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were customer names, postal addresses, email addresses, payment card information, Social Security numbers, driver’s license numbers, , names, Social Security numbers, driver's license or ID card numbers, financial information, , Names, Social Security numbers and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were payment card information, Names, email addresses, financial information, names, postal addresses, driver's license or ID card numbers, customer names, Social Security numbers and driver’s license numbers.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 1.5K.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Washington State Office of the Attorney General and California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=the-ups-store' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
