Newsroom
December 23, 2013
CUs' vigilance on data breaches ongoing; senator requests probe
Dec. 27, 2013 – Credit unions are continuing their vigilance for signs of more fraudulent activity following the revelation last week about the massive data security breach at Target Corporation. Sen. Richard Blumenthal, D-Conn. has called for a federal investigation.
Target confirmed that nearly 40 million credit card and debit card accounts were compromised between Nov. 27 and Dec. 15. Data affected in the breach includes customer names, credit and debit card numbers, expiration dates, and CVV security codes. NAFCU recommends that its members stay in touch with their members and to request notification about any suspicious charges they notice.
Blumenthal wrote the Federal Trade Commission Dec. 22 asking for an investigation into whether Target was negligent in protecting customer data. He wrote, "While it is clear that the FTC has the authority to investigate breaches like the one that occurred at Target stores, it is equally clear that the Commission needs additional authority to impose sanctions sufficient to fully punish and deter the conduct that leads to such breaches. The breach at Target highlights how vast and damaging data breaches can be."
NAFCU believes merchants should bear responsibility for data breaches originating on their end. In letters to the leaders of the House and Senate, NAFCU President and CEO Dan Berger urged passage of bills to require merchants to adopt minimum data security standards and be accountable for breaches.
Passage of data security requirements for merchants is a key element of NAFCU's five-point plan for credit union regulatory relief. Berger noted in the letters that credit unions and other financial institutions aren't the problem in situations like these and that they have enough regulations and required standards they follow to protect consumers' data. He did note, however, that "any entity that stores financial or personally identifiable information should be held to minimum standards for protecting such data."
NAFCU's data security recommendations were picked up by media outlets including the Pittsburgh Tribune Review, The Miami Herald, the San Jose Mercury News, The Sacramento Bee and the Dallas Morning News, as well as numerous broadcast outlets.
Target confirmed that nearly 40 million credit card and debit card accounts were compromised between Nov. 27 and Dec. 15. Data affected in the breach includes customer names, credit and debit card numbers, expiration dates, and CVV security codes. NAFCU recommends that its members stay in touch with their members and to request notification about any suspicious charges they notice.
Blumenthal wrote the Federal Trade Commission Dec. 22 asking for an investigation into whether Target was negligent in protecting customer data. He wrote, "While it is clear that the FTC has the authority to investigate breaches like the one that occurred at Target stores, it is equally clear that the Commission needs additional authority to impose sanctions sufficient to fully punish and deter the conduct that leads to such breaches. The breach at Target highlights how vast and damaging data breaches can be."
NAFCU believes merchants should bear responsibility for data breaches originating on their end. In letters to the leaders of the House and Senate, NAFCU President and CEO Dan Berger urged passage of bills to require merchants to adopt minimum data security standards and be accountable for breaches.
Passage of data security requirements for merchants is a key element of NAFCU's five-point plan for credit union regulatory relief. Berger noted in the letters that credit unions and other financial institutions aren't the problem in situations like these and that they have enough regulations and required standards they follow to protect consumers' data. He did note, however, that "any entity that stores financial or personally identifiable information should be held to minimum standards for protecting such data."
NAFCU's data security recommendations were picked up by media outlets including the Pittsburgh Tribune Review, The Miami Herald, the San Jose Mercury News, The Sacramento Bee and the Dallas Morning News, as well as numerous broadcast outlets.
Share This
Related Resources
Data Privacy Issue Brief
Whitepapers
Data Privacy Issue Brief
Whitepapers
NAFCU Data Privacy Principles
Whitepapers
Compliance Monitor - August 2018
Newsletter
Get daily updates.
Subscribe to NAFCU today.