Thursday, September 4, 2014

Topeka Goodwill Among 20 Stores Affected By Data Security Breach

(WIBW) -- Goodwill of Topeka is one of 20 stores in Kansas affected by what the company is calling a data security issue.
Goodwill reports a malware attack on its system between February 10, 2013 and August 14, 2014
This is the letter from Goodwill President and CEO Stefany Williams:
September 2, 2014
Dear Goodwill® Customers:
In July, Goodwill Industries International (GII), on behalf of its members, announced that some Goodwill members’ store locations may have been affected by a data security issue. Since that time, we have engaged a third-party forensic expert to conduct an extensive investigation. We have also been working closely with Federal law enforcement authorities and coordinating with the payment card brands to determine the facts.
The forensic investigation has confirmed that a third-party vendor’s systems had been attacked by malware, enabling criminals to access some payment card data of a number of the vendor’s customers. We want you to know that we have taken steps to secure our customers’ data and we have stopped using the affected vendor to process our customers’ payment cards. We also took immediate action to ensure the malware found on the third party vendor’s systems does not present a threat to individuals shopping at our stores.
Based on the investigation, we have determined the following:
Twenty Goodwill members that use the same affected third-party vendor have been impacted.
The investigation found no evidence of malware on any internal Goodwill systems.
The third-party vendor’s affected systems contained payment card information, such as names, payment card numbers and expiration dates, of certain Goodwill customers. There is no evidence that other Goodwill customer personal information, such as addresses or PINs, was affected by this issue.
The malware attack affected the vendor’s systems between February 10, 2013 and August 14, 2014. It affected our stores during this timeframe. Please visit for a list of all our local stores that used the affected vendor during the relevant time period.
We deeply regret any inconvenience this may cause. Our primary concern is for the people we serve — our community, our shoppers and our donors — and we are committed to ensuring that your information is safe and secure. We realize that data security is an issue that every retailer and consumer needs to be more and more aware of today.
We are notifying our customers about this issue so they can take steps to help protect their information. You are entitled under U.S. law to one free credit report annually from each of the three national credit bureaus. We encourage you to remain vigilant by reviewing your account statements and monitoring your free credit reports. If you believe your payment card may have been affected, please contact your bank or card issuer immediately. Additional information and security tips are available at
If you have any questions or would like more information, please call us toll-free at 1-800-GOODWILL. We will be available to answer your questions from 9 a.m.-9 p.m. on Saturdays; 10 a.m.-7 p.m. on Sundays; and 9 a.m.-9 p.m. on Mondays-Fridays Eastern time.
Protecting the privacy of our customers’ data information is extremely important to us, and we are diligently taking steps to help prevent this type of incident from occurring in the future. Again, we are very sorry this happened and we thank you for your continued support in helping Goodwill meet its mission of helping people with barriers to employment achieve economic independence for themselves and their families.
Stefany A. Williams
President / CEO
Goodwill of Western Missouri & Eastern Kansas

Goodwill’s Mission – We strengthen individuals, families and communities In need through the Power of Work. 

No comments:

Post a Comment