Security News > 2022 > January > Goodwill discloses data breach on its ShopGoodwill platform
American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its ShopGoodwill.com e-commerce auction platform.
ShopGoodwill's Vice President Ryan Smith said in data breach notification letters sent to impacted individuals that some of their personal contact information was exposed due to a site vulnerability.
Smith added that no payment information was exposed in the incident because ShopGoodwill does not store such data on its servers.
"We were recently alerted to an issue on our website which resulted in the exposure of some of your personal contact information to an unauthorized third party. This contact information includes your first and last name, email address, phone number, and mailing address," Smith explained.
"No payment card information was exposed; ShopGoodwill does not store payment card information. While the third party accessed buyer contact information, they did not access your ShopGoodwill account."
The nonprofit has fixed the ShopGoodwill vulnerability that led to the personal contact information exposure.
News URL
Related news
- American Express credit cards exposed in vendor data breach (source)
- American Express credit cards exposed in third-party data breach (source)
- French unemployment agency data breach impacts 43 million people (source)
- 43 million workers potentially affected in France Travail data breach (source)
- Fujitsu found malware on several systems, confirms data breach (source)
- Fujitsu found malware on IT systems, confirms data breach (source)
- Fujitsu finds malware on company systems, investigates possible data breach (source)
- Yacht retailer MarineMax discloses data breach after cyberattack (source)
- OWASP discloses data breach caused by wiki misconfiguration (source)
- AT&T faces lawsuits over data breach affecting 73 million customers (source)