Security News > 2022 > January > Goodwill discloses data breach on its ShopGoodwill platform
American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its ShopGoodwill.com e-commerce auction platform.
ShopGoodwill's Vice President Ryan Smith said in data breach notification letters sent to impacted individuals that some of their personal contact information was exposed due to a site vulnerability.
Smith added that no payment information was exposed in the incident because ShopGoodwill does not store such data on its servers.
"We were recently alerted to an issue on our website which resulted in the exposure of some of your personal contact information to an unauthorized third party. This contact information includes your first and last name, email address, phone number, and mailing address," Smith explained.
"No payment card information was exposed; ShopGoodwill does not store payment card information. While the third party accessed buyer contact information, they did not access your ShopGoodwill account."
The nonprofit has fixed the ShopGoodwill vulnerability that led to the personal contact information exposure.
News URL
Related news
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)
- Ireland fines Meta $264 million over 2018 Facebook data breach (source)
- New fake Ledger data breach emails try to steal crypto wallets (source)
- Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts (source)
- 46% of financial institutions had a data breach in the past 24 months (source)
- UN aviation agency investigating possible data breach (source)
- Washington state sues T-Mobile over 2021 data breach security failures (source)
- Largest US addiction treatment provider notifies patients of data breach (source)
- STIIIZY data breach exposes cannabis buyers’ IDs and purchases (source)