The investigation of the incident is carried out by Goodwill Industries International Inc. and the US Secret Service.
According to security investigative reporter Brian Krebs, the company said that it learned of a possible breach at its stores on Friday, July 18. His sources in the financial industry revealed that the cards used fraudulently have all been processed at one time or another since the middle of 2013, at the Goodwill stores.
“Goodwill Industries International is working with industry contacts and the federal authorities on the investigation. We will remain appraised of the situation and will work proactively with any individual local Goodwill involved taking appropriate actions if a data compromise is uncovered,” the company wrote in an email.
The details of the card has been compromised and no details were leaked or affected
Goodwill Industries has about 165 independent agencies, spread across multiple countries, United States, Canada, Venezuela, Brazil, Mexico, Panama and Uruguay being among them.
Most of the stores are concentrated in the United States, in about 21 states: Arkansas, California, Colorado, Florida, Georgia, Iowa, Illinois, Louisiana, Maryland, Minnesota, Mississippi, Missouri, New Jersey, Ohio, Oklahoma, Pennsylvania, South Carolina, Texas, Virginia, Washington and Wisconsin.
“Goodwill Industries International is working with industry contacts and the federal authorities on the investigation. We will remain appraised of the situation and will work proactively with any individual local Goodwill involved taking appropriate actions if a data compromise is uncovered.”
Based on data from 2013, Goodwill offered employment services and training programs to about 9.8 million people, and 261,875 individuals found a job based on such programs. The company earned $5.17 / €3,823 billion in revenue and 83% was spent on the aforementioned initiatives.