Goodwill Industries of South Central California Breach
Date: July, 2022The Goodwill Industries of South Central California is a regional subset of the retail and nonprofit organization that's available all over the United States. The non-profit organization maintains retail stores selling using goods and donates much of the revenue generated by its stores to help unemployed and at-risk individuals find jobs. The South Central California branch of Goodwill recently experienced a serious data breach that may have exposed some employees and a few customers as well.
What Was the Breach?
- Full name
- Email Address
- Date of Birth
- Financial Information
- Social Security Number
How Did the Breach Occur?
The Goodwill data breach occurred because an employee's email was accessed without permission. An attacker gained access to the email account, most likely by way of a phishing attack, and began using the account access to gather confidential data. The data gathered could be used in harmful ways.
When Did This Breach Occur?
The Goodwill email account was compromised around July 21, 2022, and it wasn't until December 22, 2022, that the investigation was complete, examining all the potential data lost thanks to the compromised email address. There was an extended period of time when data could have been gathered from this email account.
Who Does the Breach Impact?
The data breach mostly impacts staff members of the Goodwill Industries of South Central California, but some customers and individuals relying on help from the organization may have been impacted as well if you've recently dealt with the organization, you may have had your data exposed. The company is sending out personalized letters to anyone that is at risk of having information exposed, and they will all get access to 12 months of credit monitoring services for free. Use these services, and watch over your financial accounts for any signs of issues.
How Many Files Does the Breach Affect?
Hundreds of Goodwill documents and thousands of emails were accessible during the period when the account was compromised. It's unclear how much data was actually taken and used from the account, but many people were exposed by the breach.
Recent Breaches
Cisco Duo Breach
Cisco Duo is an access security provider that offers solutions for small business and commercial control products, including multi-factor authentication (MFA), single sign-on, and access control services....
AT&T Breach
American Telephone and Telegraph Company (AT&T) is the fourth-largest telecommunications provider, behind Verizon, Comcast, and China’s state-funded communications solution...
Fujitsu Limited Breach
Fujitsu Limited is the world’s sixth-largest IT service provider. Based in the Minato City ward of Tokyo, Japan, Fujitsu offers various technology solutions for personal and commercial use...
Cybersecurity and Infrastructure Security Agency Breach
The CISA collaborates with other government agencies to notify victims of breaches and respond to threats. These include the Federal Bureau of Investigation, the Multi-State Information Sharing & Analysis...
Roku Inc. Breach
Roku is a global streaming and entertainment organization. It offers solutions for direct streaming, live channels, music, niche channel entertainment, smart home devices, travel technology, audio options,...