July 22 (Reuters) - U.S. charity Goodwill Industries International says federal authorities told it that some of its U.S. store locations may have been the victims of possible theft of payment card numbers.
“At this point, no breach has been confirmed but an investigation is underway,” the non-profit organization said in a statement on Monday, adding that it was working with industry contacts and federal authorities on the probe.
It said it was contacted on Friday by a payment card industry fraud investigative unit and federal authorities, and added that it would work proactively with any individual local Goodwill outlets involved, “taking appropriate actions if a data compromise is uncovered.”
Goodwill Industries describes itself as a membership organization comprised of 165 independent Goodwill headquarters, more than 2,900 retail stores, and an online auction site.
It sells donated merchandise to fund programs that it says helped almost 10 million people train for jobs last year.
“Goodwills across the country take the data of consumers seriously and their community well-being is our No. 1 concern,” the charity’s statement said.
A number of high-profile for-profit retailers have been victims of data breaches in recent months.
Discount retailer Target Corp reported in December that hackers had stolen data from up to 40 million credit and debit cards of shoppers who visited its stores during the first three weeks of the holiday season.
Upscale U.S. retailer Neiman Marcus reported a breach of about 1.1 million customer payment cards in January at 77 of 85 stores. (Reporting by Daniel Wallis; Editing by Lisa Shumaker)