Tech Support

Let's not forget about the Goodwill data breach

Goodwill POS Data BreachAs long as we're talking data breaches, let's not forget Goodwill.

First - a sidenote. This summer's breach count is pretty remarkable. But it's not just the number. If we were to hear that 10, or 100, or 1,000 breaches had occurred since last spring, that would be something - but the importance of these breaches goes further: these are big-name, well-known entities we're talking about. These are businesses that many of us know, like and buy from on a regular basis.

These are organizations that, one would think, have the ability to implement sophisticated, preemptive lines of defense. To see them falling like dominoes just highlights the gap between how we actually handle security, and how we need to be handling it.

Ready for the news?

From Krebs, we get the incident:

On July 21, 2014, this site broke the news that multiple banks were reporting indications that Goodwill Industries had suffered an apparent breach that led to the theft of customer credit and debit card data. Goodwill later confirmed that the breach impacted a portion of its stores, but blamed the incident on an unnamed "third-party vendor" ...continue reading

From, we learn the in-road:

Goodwill Industries International Inc. on Wednesday identified retail point-of-sale services provider C&K Systems Inc. as the third-party vendor that hackers attacked to access data on more than 800,000 payment cards used for purchases at hundreds of Goodwill locations ...continue reading

From CryptZone, we get some perspective:

In the US, this almost seems to have become an epidemic. Back in January, the FBI followed up on the Target hack by circulating a three-page report among the nation's retailers: "We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms' actions to mitigate it," it warned, according to Reuters ...continue reading

For an analysis on how to prevent data breaches rooted in third-party vendor access, check out yesterday's post on the Jimmy John's hack that just hit the news.


November 16, 2017 at 3:16 PM
In "Financial Services", "Financial Technology", "Government Technology", "Health Technology", "POS", "Remote Support", "Network Security", "Customer Service", "GDPR Compliance", "Industrial Technology", "Retail Technology"
August 9, 2017 at 4:23 AM
In "POS", "remote vendor access", "Remote Support", "Secure remote access", "Network Security"
July 7, 2017 at 10:38 AM
In "data breach", "Financial Services", "Financial Technology", "Government Technology", "Health Technology", "network security", "POS", "pos security", "Remote Support", "Retail Network Security 2017", "Network Security", "Cybersecurity", "data security", "Industrial Technology", "IT Security", "retail network security", "Retail Technology"

Subscribe to Email Updates


Birkerød, DK
Portland, OR, US
Chicago, IL, US
Bucharest, RO

Americas: +1 866 725 7833
Worldwide: +45 4590 25 25

Our Tweets