Goodwill Investigation: Company Looks Into Possible Credit Card Data Breach

Goodwill investigation into a possible credit card data breach was announced Monday, July 21, after the company received a call from federal authorities.

On Friday, July 18, Goodwill Industries International was contacted by a federal fraud investigation unit about the possible data breach but only at its American stores, according The New York Times Blog Bits. The company said it is investigating and working with the authorities to discover any kind of breach.

“At this point, no breach has been confirmed, but an investigation is underway,” a statement from the company said. “Goodwill Industries International is working with industry contacts and the federal authorities on the investigation.”

While little information about the breach has been reported, according to LA Times, only “select” stores have had their data breached.

The potential breach was initially reported by security blogger Brian Krebs, who said a high number of cards had been used at Goodwill before the fraudulent purchases were made.

Goodwill is based out of Rockville, Maryland, and has 2,900 stores. The store takes donated items, such as clothing, book and furniture, and resells them at low prices. The proceeds are then used to help the community.

If the Goodwill investigation confirms the breach, it will join a growing list of major chains that have had a similar breach. Among the six confirmed, Target was one of the largest. The Target hackers stole more than 40 million customers’ names, credit cards, security codes and passwords, according to a previous report from The Inquisitr.

“Yesterday we shared that there was unauthorized access to payment card data at our U.S. stores,” Target CEO Gregg Steinhafel said. “The issue has been identified and eliminated. We recognize this has been confusing and disruptive during an already busy holiday season. Our guests’ trust is our top priority at Target and we are committed to making this right.”

The problem seems to come down antiquated credit card systems that are used in the U.S. Most in European countries use a chip and pin system, which has better protection than the magnetic strip used in the U.S. The chip is embedded in the card and collects information — instead of being stored in the magnetic strip. The card then generates a new and unique code for every transaction — so it’s hard to duplicate. And with the pin number, which is required for every transaction, the chip system is airtight and superior to the flimsy magnetic-strip cards.

For this week system, the U.S. is the top victim for stolen information and credit fraud.

[Photo by Dwight Burdette]