USCS
Company Details
Linkedin ID:
upssupplychainsolutions
Employees number:
15,027
Number of followers:
377,968
NAICS:
47
Industry Type:
Homepage:
ups.com
IP Addresses:
0
Company ID:
UPS_2973648
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
UPS Supply Chain Solutions Vendor Cyber Rating & Cyber Score
ups.comUPS Supply Chain Solutions offers a comprehensive portfolio of services to enhance customers' business performance, including logistics and distribution, transportation and freight, consulting, customs brokerage, and international trade services. UPS provides the expertise and the scale to meet the total supply chain needs of customers worldwide, whether it requires the movement of goods, information or funds.
UPS Supply Chain Solutions A.I CyberSecurity Scoring
USCS Risk Score (AI oriented)Between 750 and 799
USCS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
USCS Global Score (TPRM)XXXX
USCS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
USCS Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
UPS
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: UPS found that between February 2022 and April 2023, the perpetrators of the persistent SMS phishing campaign used its package look-up capabilities to obtain access to delivery information, including the recipients' personal contact information. The company has now put protections in place to limit access to this sensitive data in order to combat these sophisticated phishing attacks. The recipient's name, the address to which the box was being shipped, and possibly the phone number and order number were all available information through the parcel look-up facilities. In order to maintain transparency and raise awareness of the issue, UPS will notify people whose information may have been compromised.
USCS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for USCS
Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)
No incidents recorded for UPS Supply Chain Solutions in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for UPS Supply Chain Solutions in 2026.
Incident Types USCS vs Transportation, Logistics, Supply Chain and Storage Industry Avg (This Year)
No incidents recorded for UPS Supply Chain Solutions in 2026.
Incident History — USCS (X = Date, Y = Severity)
USCS cyber incidents detection timeline including parent company and subsidiaries
USCS Company Subsidiaries
UPS Supply Chain Solutions offers a comprehensive portfolio of services to enhance customers' business performance, including logistics and distribution, transportation and freight, consulting, customs brokerage, and international trade services. UPS provides the expertise and the scale to meet the total supply chain needs of customers worldwide, whether it requires the movement of goods, information or funds.
Loading...
USCS Similar Companies
Blue Dart
Blue Dart Express Ltd., South Asia's premier express air, integrated transportation & distribution company, offers secure and reliable delivery of consignments to over 56,000+ locations in India. Blue Dart is a provider of choice for its stakeholders due to its customer centric approach and aims to
Arvato
𝗪𝗲 𝘀𝗵𝗮𝗽𝗲 𝘀𝘂𝗽𝗽𝗹𝘆 𝗰𝗵𝗮𝗶𝗻𝘀 𝗴𝗹𝗼𝗯𝗮𝗹𝗹𝘆 Logistics seems so simple – just goods in, goods out. For us there is so much more to it. By combining deep industry expertise with the right technologies, we develop innovative supply chain management and e-commerce solutions for our clients. We have aligned our o
Rhenus Logistics
The Rhenus Group is one of the leading logistics specialists with global business operations and annual turnover amounting to EUR 8.2 billion. 41,000 employees work at 1,330 business sites in more than 70+ countries and develop innovative solutions along the complete supply chain. Whether providing
Transnet SOC Ltd
As the custodian of ports, rail and pipelines, Transnet’s objective is to ensure a globally competitive freight system that enables sustained growth and diversification of the country’s economy. As a state-owned company, Transnet continues to leave an indelible mark on the lives of all South Afri
GEODIS
GEODIS is a leading global logistics provider acknowledged for its expertise across all aspects of the supply chain. As a growth partner to its clients, GEODIS specializes in four lines of business: Global Freight Forwarding, Global Contract Logistics, Distribution & Express Transport, and European
PostNord
We make everyday life easier. PostNord is a leading provider of parcel and logistics services to, from, and within the Nordic region. We ensure the provision of a postal service to households and businesses in Sweden, regardless of where they live and work. PostNord connects companies, public auth
Poste Italiane
L'azienda opera in Italia e svolge un ruolo importante nel Paese, dando un forte contributo alla filiera produttiva e all'economia nazionale. Il Gruppo Poste Italiane rappresenta una realtà unica per dimensioni, riconoscibilità, capillarità e fiducia da parte della clientela, e fornisce un important
bnode
bnode (formerly bpostgroup) is a digital expert in parcel logistics, active in Europe, North America and Asia-Pacific. The group operates through three business units: 3PL (soon to be paxon, with brands as Active Ants, Staci and Radial), Cross-border (working under the name of Landmark Global) and B
With more than 82,000 employees at almost 1,300 sites in close to 100 countries, the Kuehne+Nagel Group is one of the world's leading logistics providers. Headquartered in Switzerland, Kuehne+Nagel is listed in the Swiss blue-chip stock market index, the SMI. The Group is the global number one in
.png)
USCS CyberSecurity News
March 04, 2026 08:00 AM
1 Large-Cap Stock with Exciting Potential and 2 Facing Headwinds
Large-cap stocks are known for their staying power and ability to weather market storms better than smaller competitors.
February 17, 2026 08:00 AM
Automotive supply chains redesigned amid shocks and disruption
Disruption has reshaped the automotive supply chain, with parts and skills shortages, reshoring and cybersecurity top concerns, AMS and...
February 17, 2026 08:00 AM
UNITED PARCEL SERVICE INC SEC 10-K Report
United Parcel Service Inc. (UPS), a global leader in package delivery and logistics, has released its 2025 Form 10-K report.
January 27, 2026 08:00 AM
Cybersecurity for renewable energy: Best practices to protect critical infrastructure
By adopting secure-by-design principles, auditing their supply chains, investing in cyber talent, and testing infrastructure regularly,...
January 14, 2026 08:00 AM
Škoda partners with Upstream to strengthen cybersecurity across connected vehicles
Upstream developed a platform that provides cybersecurity extended detection and response (XDR) for connected vehicles and IoT.
January 05, 2026 08:00 AM
Eaton Vulnerabilities Allow Attackers to Execute Arbitrary Code on Host Systems
Two high-severity vulnerabilities could allow attackers to execute arbitrary code on power-management systems used across organizations...
January 01, 2026 08:00 AM
Infosecurity's Top 10 Cybersecurity Stories of 2025
Explore Infosecurity Magazine's most-read cybersecurity stories of 2025, from major vendor shake-ups and zero-day exploits to AI-driven...
January 01, 2026 08:00 AM
Top 10 Best Supply Chain Intelligence Security Companies In 2026
Best Supply Chain Intelligence Security Companies 1. Sonatype 2. Snyk 3. Synopsys 4. JFrog 5. GitLab 6. BlueVoyant 7. Socket 8.
December 09, 2025 08:00 AM
Irish cybersecurity start-ups defy European decline
Ireland's cybersecurity firms closed 40% more VC deals in 2024 as European funding fell 9.5%. Companies raised €450m since 2014, led by...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
USCS CyberSecurity History Information
Official Website of UPS Supply Chain Solutions
The official website of UPS Supply Chain Solutions is https://www.ups.com/us/en/supplychain/home.
UPS Supply Chain Solutions’s AI-Generated Cybersecurity Score
According to Rankiteo, UPS Supply Chain Solutions’s AI-generated cybersecurity score is 782, reflecting their Fair security posture.
How many security badges does UPS Supply Chain Solutions’ have ?
According to Rankiteo, UPS Supply Chain Solutions currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has UPS Supply Chain Solutions been affected by any supply chain cyber incidents ?
According to Rankiteo, UPS Supply Chain Solutions has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does UPS Supply Chain Solutions have SOC 2 Type 1 certification ?
According to Rankiteo, UPS Supply Chain Solutions is not certified under SOC 2 Type 1.
Does UPS Supply Chain Solutions have SOC 2 Type 2 certification ?
According to Rankiteo, UPS Supply Chain Solutions does not hold a SOC 2 Type 2 certification.
Does UPS Supply Chain Solutions comply with GDPR ?
According to Rankiteo, UPS Supply Chain Solutions is not listed as GDPR compliant.
Does UPS Supply Chain Solutions have PCI DSS certification ?
According to Rankiteo, UPS Supply Chain Solutions does not currently maintain PCI DSS compliance.
Does UPS Supply Chain Solutions comply with HIPAA ?
According to Rankiteo, UPS Supply Chain Solutions is not compliant with HIPAA regulations.
Does UPS Supply Chain Solutions have ISO 27001 certification ?
According to Rankiteo,UPS Supply Chain Solutions is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of UPS Supply Chain Solutions
UPS Supply Chain Solutions operates primarily in the Transportation, Logistics, Supply Chain and Storage industry.
Number of Employees at UPS Supply Chain Solutions
UPS Supply Chain Solutions employs approximately 15,027 people worldwide.
Subsidiaries Owned by UPS Supply Chain Solutions
UPS Supply Chain Solutions presently has no subsidiaries across any sectors.
UPS Supply Chain Solutions’s LinkedIn Followers
UPS Supply Chain Solutions’s official LinkedIn profile has approximately 377,968 followers.
NAICS Classification of UPS Supply Chain Solutions
UPS Supply Chain Solutions is classified under the NAICS code 47, which corresponds to Transportation and Warehousing.
UPS Supply Chain Solutions’s Presence on Crunchbase
No, UPS Supply Chain Solutions does not have a profile on Crunchbase.
UPS Supply Chain Solutions’s Presence on LinkedIn
Yes, UPS Supply Chain Solutions maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/upssupplychainsolutions.
Cybersecurity Incidents Involving UPS Supply Chain Solutions
As of April 02, 2026, Rankiteo reports that UPS Supply Chain Solutions has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
UPS Supply Chain Solutions has an estimated 6,531 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at UPS Supply Chain Solutions ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
How does UPS Supply Chain Solutions detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with put protections in place to limit access to sensitive data, and communication strategy with notify affected individuals..
Incident Details
Can you provide details on each incident ?
Title: UPS Data Breach via SMS Phishing Campaign
Description: UPS discovered that between February 2022 and April 2023, attackers used its package look-up capabilities to access delivery information, including recipients' personal contact information.
Date Detected: February 2022
Type: Data Breach
Attack Vector: SMS Phishing
Vulnerability Exploited: Package look-up capabilities
Motivation: Data Theft
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Package look-up capabilities.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach UPS134025623
Data Compromised: Recipient's name, Shipping address, Phone number, Order number
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Contact Information, Delivery Information and .
Which entities were affected by each incident ?
Incident : Data Breach UPS134025623
Entity Name: UPS
Entity Type: Organization
Industry: Logistics and Delivery
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach UPS134025623
Remediation Measures: Put protections in place to limit access to sensitive data
Communication Strategy: Notify affected individuals
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach UPS134025623
Type of Data Compromised: Personal contact information, Delivery information
Personally Identifiable Information: Recipient's nameShipping addressPhone number
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Put protections in place to limit access to sensitive data, .
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notify Affected Individuals.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach UPS134025623
Entry Point: Package look-up capabilities
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on February 2022.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Recipient's name, Shipping address, Phone number, Order number and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Phone number, Shipping address, Recipient's name and Order number.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Package look-up capabilities.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=upssupplychainsolutions' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
