Newsroom
September 24, 2014
WSJ: CU sees fraud from Home Depot breach
The Home Depot breach is already affecting credit unions: On Tuesday, The Wall Street Journal quoted NAFCU-member Air Academy Federal Credit Union in Colorado Springs, Colo., which said it has caught about $20,000 worth of attempted fraudulent transactions so far on exposed cards.
The WSJ, in a report also picked up in Australia and in Politico, reported the credit union has increased staffing in its fraud department, even on the weekends when criminals will often try to use counterfeit cards. Brad Barnes, Air Academy FCU's CFO, is quoted saying while the fraudulent charges seen thus far aren't huge, "for a three-week period it's a big start."
Many credit unions and other institutions are already reissuing new cards to consumers in the wake of the breach, which is estimated to have affected as many as 56 million debit and credit cards.
NAFCU Director of Legislative Affairs Jillian Pevo told CBS MoneyWatch that "the Home Depot breach is bigger than the Target breach in terms of the number of cards impacted." She said credit unions will make their members whole if they are impacted by the data breach, but that comes at a cost for the financial institutions. According to a NAFCU survey, each credit union respondent faced costs of $45,000 related to the Target breach, which included added employee hours to meet the needs of their members as well as card re-issuance.
Lawsuits filed
Home Depot also now faces numerous lawsuits as a result of its data breach. BankInfoSecurity.com reported on a Canadian class action lawsuit filed on behalf of Home Depot customers who shopped at the retailer sometime between April and September. The lawsuit "alleges that Home Depot is guilty of negligence, breach of confidence, breach of privacy, breach of fiduciary duty, breach of contract and negligent misrepresentation," the article stated.
The home improvement chain also faces a class action lawsuit filed by First Choice Federal Credit Union of Pennsylvania. Filed in the federal district court in Georgia, the suit alleges Home Depot did not "meet its legal obligation to protect consumers' credit card and personal information." The suit was filed on behalf of credit unions and other financial institutions to recover losses they will incur from the data breach.
NAFCU continues to press for legislative action to set national data security and breach notification standards for retailers. The association is also a member of the Payments Security Task Force, a diverse group of participants in the payments industry focused on EMV chip implementation, including ways to help reduce testing and implementation time.
The WSJ, in a report also picked up in Australia and in Politico, reported the credit union has increased staffing in its fraud department, even on the weekends when criminals will often try to use counterfeit cards. Brad Barnes, Air Academy FCU's CFO, is quoted saying while the fraudulent charges seen thus far aren't huge, "for a three-week period it's a big start."
Many credit unions and other institutions are already reissuing new cards to consumers in the wake of the breach, which is estimated to have affected as many as 56 million debit and credit cards.
NAFCU Director of Legislative Affairs Jillian Pevo told CBS MoneyWatch that "the Home Depot breach is bigger than the Target breach in terms of the number of cards impacted." She said credit unions will make their members whole if they are impacted by the data breach, but that comes at a cost for the financial institutions. According to a NAFCU survey, each credit union respondent faced costs of $45,000 related to the Target breach, which included added employee hours to meet the needs of their members as well as card re-issuance.
Lawsuits filed
Home Depot also now faces numerous lawsuits as a result of its data breach. BankInfoSecurity.com reported on a Canadian class action lawsuit filed on behalf of Home Depot customers who shopped at the retailer sometime between April and September. The lawsuit "alleges that Home Depot is guilty of negligence, breach of confidence, breach of privacy, breach of fiduciary duty, breach of contract and negligent misrepresentation," the article stated.
The home improvement chain also faces a class action lawsuit filed by First Choice Federal Credit Union of Pennsylvania. Filed in the federal district court in Georgia, the suit alleges Home Depot did not "meet its legal obligation to protect consumers' credit card and personal information." The suit was filed on behalf of credit unions and other financial institutions to recover losses they will incur from the data breach.
NAFCU continues to press for legislative action to set national data security and breach notification standards for retailers. The association is also a member of the Payments Security Task Force, a diverse group of participants in the payments industry focused on EMV chip implementation, including ways to help reduce testing and implementation time.
Share This
Related Resources
Data Privacy Issue Brief
Whitepapers
Data Privacy Issue Brief
Whitepapers
NAFCU Data Privacy Principles
Whitepapers
Compliance Monitor - August 2018
Newsletter
Get daily updates.
Subscribe to NAFCU today.