Newsroom

With the holiday shopping season kicking off in days, and approximately one year after the Target data breach, NAFCU continues to urge enactment of national data security standards for retailers.

"As Americans enter the busiest shopping season of the year, consumers' sensitive personal and financial information, both online and in the stores, is as vulnerable as ever to cybercriminals," said NAFCU President and CEO Dan Berger. "To protect consumers' data, help prevent identity theft and reduce breach costs overall, NAFCU urges Congress to establish national data breach and notification standards for retailers."

The Target breach occurred from Nov. 27 through Dec. 15 and, NAFCU data show, cost credit unions nearly $30 million due to card replacement costs and other expenses. NAFCU estimates that all financial institutions stand to lose nearly $500 million from this breach.

Target has admitted missing warning signs of the data breach but has asked a federal judge in Minnesota to dismiss claims from five banks affected by the breach, asserting it has no liability since it did not serve them directly. A major data breach has been discovered since the Target breach almost monthly – including the more recent Home Depot breach.

NAFCU was the first financial trade group to call for a national data security standard for retailers in the wake of the Target breach. The association is a member of the Payments Security Task Force, a diverse group of participants in the payments industry that is focused on EMV chip implementation, including ways to help reduce testing and implementation time, and which is driving a discussion on payments system security.

NAFCU is also a member of the Financial Services Sector Coordinating Council and the Financial Services Information Sharing and Analysis Center, which work on infrastructure security.