Data Breach at Goodwill Compromises 868,000 Cards

Data Breach at Goodwill Compromises 868,000 Cards

September 4, 2014         Written By John H. Oldshue

Goodwill Industries confirmed yesterday that a data breach in 330 of its stores may have compromised an estimated 868,000 debit and credit cards.

Payment card information, such as names, payment card numbers and expiration dates, may have been compromised. However, personal information such as addresses and PIN numbers were not affected.

According to their investigation, a third-party vendor’s systems were attacked by malicious software, enabling criminals to access some payment card data of a number of the vendor’s customers. The impacted Goodwill stores used the same affected third-party vendor to process credit card payments. Goodwill is not naming the third-party vendor due to an ongoing investigation.

The investigation found no evidence of malware on any internal Goodwill systems.

The breach has affected 330 stores in 19 states plus the District of Columbia. Goodwill has been investigating the possibility of a breach since July.

“We took immediate steps to address this issue, and we are providing extensive support to the affected Goodwill members in their efforts to prevent this type of incident from occurring in the future,” Jim Gibbons, president and CEO of Goodwill Industries International, said in a statement.

The information contained within this article was accurate as of September 4, 2014. For up-to-date information on any of the terms, cards or offers mentioned above, visit the issuer's website. Many of the offers on this article are from our affiliate partners, and may be compensated if you take action with any of our affiliate partners.


About John H. Oldshue

John Oldshue is the creator of He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for
View all posts by John H. Oldshue