[ISN] Hackers had access to Goodwill hosting provider for 18 months

http://www.computerworld.com/article/2684180/hackers-had-access-to-goodwill-hosting-provider-for-18-months.html By Jeremy Kirk IDG News Service Sep 16, 2014 Hackers evaded security systems for a year-and-a-half at a hosting center that processed payment cards for Goodwill Industries, using the same type of malware that struck Target and other major retailers to steal card data, according to the charity’s software vendor. In its first public statement since being identified by Goodwill as its technology partner, C&K Systems of Murrells Inlet, S.C., said two other customers were also affected by the unauthorized access, though it didn’t name them. Goodwill, which sells donated clothing, said in July that federal authorities were investigating a possible payment card breach at its U.S. outlets. It’s one of many retailers, including Target, Neiman Marcus, Michaels, P.F. Chang’s China Bistro and Sally Beauty, that have disclosed data breaches since December. In a rare move, Goodwill identified C&K as one of the contractors that provided payment processing for 20 of its stores, and said those stores had since stopped using the company’s services. […]