Goodwill Slammed by Latest POS Scam

No morals, these hackers…

Like there was a more selfless organization you could steal from, today it was reported that the major thrift retailer Goodwill could be the latest in a long line of targets who have had their point-of-sale systems hacked by criminal rings who pull financial details from compromised credit cards en masse.

Goodwill themselves were oblivious to the problem until the FBI contacted the company, and warned them that several of their stores within the US could have been compromised by an unknown ring of hackers who used similar tactics to those seen in the Target breach.

“Goodwill Industries International was contacted last Friday afternoon by a payment card industry fraud investigative unit and federal authorities informing us that select U.S. store locations may have been the victims of possible theft of payment card numbers,” the US non-profit said in a statement.

When the Neiman Marcus hack was first reported, there wasn’t as much uproar as you might expect from others like what we saw with Target, mostly due to the premium nature of the products they carry and the posh people who shop there. When the rich lose money, it somehow always comes back to them (usually with interest), but when lesser outlets like Goodwill bear the brunt of a campaign like this, it hits especially hard due to the generally down-on-their-luck clientele which frequent the donation-based retailer.

Around 21 states have been reported as a part of the conspiracy, and while the company themselves are approaching the allegations with an understandable amount of caution, it will only be so long before the full details of the case are revealed and those affected can start monitoring their banks accounts for any signs of sleazy dealings.

Target deployed similar tactics when they were the subject of the same type of campaign late last year, first assuring customers that their company was safe to shop at, only to redact on that statement a mere few days later when the full extent of the problem was forced out of them by the United States government.

The Secret Service, who is strangely enough burdened with the task of investigating financial crimes in America, has been apprehensive of claiming this breach is anywhere near as serious as what we saw with Target, however they also made sure not to mince words when it came to how serious people should be taking the situation if they’ve swiped their card at the donation-based business in the past several months.

Initial reports put the stretch of the breach around a year, with the earliest evidence of malfeasance reaching back to July of 2013. With so much time between then and now, this could either be one of the largest attacks we’ve seen in this space yet, or it could amount to nothing based on the fact that it took so long for anything to pop up on the radar in the first place.

More details should be available in the coming weeks, and until then anyone who’s frequented Goodwill in the past year should carefully evaluate their financial statements for signs that something may be amiss.