Pressure builds for hearings, action on data security
Jan. 13, 2014 – Pressure continued to build over the weekend for NAFCU-sought hearings on data security and how to better protect consumers in the wake of the huge data breach at Target Corporation.
House Financial Services Committee Chairman Jeb Hensarling, R-Texas, was urged Friday by 15 committee Democrats to hold a hearing on what should be done to reduce vulnerabilities in the payment system. Staff for Senate Banking Committee Chairman Tim Johnson, D-S.D., also indicated that panel is likely to hold a hearing on the Target breach in coming weeks.
Both developments followed new reports form Target that its data security breach in November and December affected not just potentially 40 million consumers’ accounts, but between 70 and 110 million. It also revealed that the data was from shoppers who visited even before the holiday period.
Reports on data breaches at retailers continued to roll out over the weekend. Neiman Marcus apparently learned of a breach affecting its customers in mid-December but has not released estimates of how many accounts may have been compromised. Reuters cited unnamed sources saying at least three other well-known retailers have also been affected by data breaches, possibly earlier than the Target breach.
NAFCU was the first financial trade association to call for retailers to be held responsible for data security breaches on their end. Association President and CEO Dan Berger wrote the House and Senate last month to urge hearings on the recent Target breach; two bills on data security have since emerged in the Senate. NAFCU is continuing to press for action.
Credit unions will learn more about growing threats of third-party data breaches next month during NAFCU’s Technology and Security Conference in Las Vegas.
NAFCU Technology and Security Conference
Berger's letter to House
Berger's letter to Senate
Reuters article, 1/12
The Washingon Post, 1/11
"Senators ready bills in wake of Target breach," 1/9
“NAFCU ramps up call for data security action,” 12/20/13