Nonprofit organization Goodwill Industries Inc. is working with federal officials to investigate a possible security breach.
The Rockville, Maryland-based organization said late Monday that it was contacted Friday by a payment card industry fraud investigative unit and federal authorities who said payment card numbers may have been stolen from some U.S. stores. Goodwill said it is working with credit card makers, the Secret Service and fraud investigators to figure out if a breach occurred, but so far none has been discovered.
Goodwill operates more than 2,900 stores and takes in annual retail sales of $3.79 billion. It sells donated merchandise to fund job programs.
Since the company's stores are operated by about 165 regional headquarters around the country, there is no centralized database of all of its customers' credit card information. That could limit a breach, if one occurred, to certain Goodwill locations.
The investigation follows a spate of high-profile data breaches at Target, Neiman Marcus and other retailers.
Below is Goodwill's statement on the issue, posted on its website:
"Goodwill Industries International is a membership organization comprised of 165 independent Goodwill headquarters. Goodwill Industries International was contacted last Friday afternoon by a payment card industry fraud investigative unit and federal authorities informing us that select U.S. store locations may have been the victims of possible theft of payment card numbers. Investigators are currently reviewing available information. At this point, no breach has been confirmed but an investigation is underway.
Goodwills across the country take the data of consumers seriously and their community well-being is our number one concern. Goodwill Industries International is working with industry contacts and the federal authorities on the investigation. We will remain apprised of the situation and will work proactively with any individual local Goodwill involved taking appropriate actions if a data compromise is uncovered."