Security News > 2022 > January > Goodwill discloses data breach on its ShopGoodwill platform
American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its ShopGoodwill.com e-commerce auction platform.
ShopGoodwill's Vice President Ryan Smith said in data breach notification letters sent to impacted individuals that some of their personal contact information was exposed due to a site vulnerability.
Smith added that no payment information was exposed in the incident because ShopGoodwill does not store such data on its servers.
"We were recently alerted to an issue on our website which resulted in the exposure of some of your personal contact information to an unauthorized third party. This contact information includes your first and last name, email address, phone number, and mailing address," Smith explained.
"No payment card information was exposed; ShopGoodwill does not store payment card information. While the third party accessed buyer contact information, they did not access your ShopGoodwill account."
The nonprofit has fixed the ShopGoodwill vulnerability that led to the personal contact information exposure.
News URL
Related news
- Dutch Police: ‘State actor’ likely behind recent data breach (source)
- Comcast and Truist Bank customers caught up in FBCS data breach (source)
- Internet Archive hacked, data breach impacts 31 million users (source)
- Internet Archive data breach, defacement, and DDoS: Users’ data compromised (source)
- Fidelity Investments says data breach affects over 77,000 people (source)
- Fidelity Data Breach Exposes Data of Over 77,000 Customers (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Insurance admin Landmark says data breach impacts 800,000 people (source)
- Henry Schein discloses data breach a year after ransomware attack (source)