Tunisian Cyber Army is continuing their operation referred as "#OpBlackSummer" - an operation against United States. This time, they hacked into the United Parcel Service(UPS) website.
In an email sent to EHN, the hacker stated that they have exploit this vulnerability in Customized Express Envelopes sub-domain (customizedenvelopes.ups.com).
This time, hackers didn't provide the vulnerable link. They provide the login credentials of admin (username and plain-text password).
Hackers also included two attachments in the mail : ups.com.docx, UsersOrderDetails.xls. Those files contains the Customer information including Address, Name, Company, email address, username, phone number and other details.