WICHITA, Kan. - Goodwill Industries confirms thrift stores across Kansas were part of a nationwide criminal malware attack.
The credit and debit cards of shoppers could have been affected over an 18-month period.
Goodwill revealed in July there was a data security problem. Now an outside investigation has found card numbers of customers were stolen at more than 300 stores.
But the malware attack is being called intermittent. And a Goodwill statement says there's no evidence PIN numbers of debit card users were affected.
Goodwill locations across Kansas were part of this, between February 2013 and mid-August 2014. They include stores in Wichita, El Dorado, Garden City, Great Bend, Hays and Hutchinson.
Goodwill claims the malware is no longer a threat. But if you used a credit or debit card at those stores during the period of trouble, Goodwill recommends you review your account statements for any sign of fraud.
Goodwill blamed the security lapse on an unidentified contractor's payment processing system. Reports about fraud linked to shoppers' cards have been "very limited," Goodwill said.