AAPL Stock: 118.3 ( + 0.49 )

Printed from

Goodwill investigating possible data breach, could date back to 2013

updated 04:18 pm EDT, Tue July 22, 2014

Company says no breach confirmed, but continuing investigation with authorities

Goodwill Industries International, the business entity behind the popular nonprofit second-hand stores, announced this week that it is investigating a potential data breach involving credit card data. The breach was said to occur in selected stores within the United States, but Goodwill has offered no information on which stores were affected.

According to a statement from Goodwill, the company was contacted on Friday by federal authorities and a credit card fraud investigative unit that a number of stores may have been involved in a data theft. The statement mentions that Goodwill is working with authorities and industry contacts to review all of the information.

"At this point, no breach has been confirmed, but an investigation is underway," said the statement. "Goodwills across the country take the data of consumers seriously and their community well-being is our number one concern."

As the company looks into the breach, Goodwill spokeswoman Joye Taylor told CNN that an assembled team worked through the weekend to look into validity of the information. She confirmed that the company was working specifically with the United States Secret Service on the case. The government agency has had its hands busy since 2013 tracking other data breach activity including breaches at Target and Michaels craft stores.

"We are proactively engaged with the payment card industry contacts, the Secret Service and all Goodwill headquarters to identify what problem, if any, exists so that we can take prompt and appropriate actions as well as communicate appropriately to any affected parties," said Taylor.

Brian Krebs, of Krebs on Security, first reported on the possible breach, adding that it's unknown at this time how long ago the breach started. However, Krebs adds that the sources that informed him of the breach state that it "could extend back to the middle of 2013."

Krebs claims that insiders indicated that "multiple locations" are involved in the breach across numerous states. Insiders told Krebs that the breach could be across as many as 21 states, "including Arkansas, California, Colorado, Florida, Georgia, Iowa, Illinois, Louisiana, Maryland, Minnesota, Mississippi, Missouri, New Jersey, Ohio, Oklahoma, Pennsylvania, South Carolina, Texas, Virginia, Washington and Wisconsin."

If the suspected data breach is found to have resulted in the theft of customers' credit cards, it will mark the sixth major chain hit in recent history. P.F. Chang's, the most recent breach involving credit cards, still hasn't released major details on its case.

by MacNN Staff



Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented