Goodwill Industries is investigating a potential data breach that may be leaving customer and payment information vulnerable to cybercriminals. A total of 2,900 Goodwill stores could have been impacted by the breach.
The nonprofit agency and thrift store chain is investigating whether credit card data has been stolen, according to The New York Times. In a statement last week, representatives from Goodwill reported that federal authorities and a fraud investigation unit contacted the company regarding the potential crime.
“At this point, no breach has been confirmed, but an investigation is underway,” the statement said. “Goodwill Industries International is working with industry contacts and the federal authorities on the investigation.” The agency reported that it would “work proactively with any individual local Goodwill involved, taking appropriate actions if a data compromise is uncovered.”
Financial institutions across the U.S. initially uncovered the potential breach after discovering and tracking a series of reported credit card breaches involving Goodwill, according to KrebsOnSecurity.
If this breach is verified, Goodwill will be the sixth retail chain to experience a publicized system compromise in 2014.