Newsroom

FOR IMMEDIATE RELEASE

Washington (May 18, 2016) - National Association of Federal Credit Unions (NAFCU) Executive Vice President of Government Affairs and General Counsel Carrie Hunt issued the followingstatement in response toFederal District Court Judge Thomas Thrash's ruling to allow financial institutions' lawsuit against Home Depot based on the retailer's huge data breach in 2014 to move forward.

"NAFCU and our members are gratified that the lawsuit brought against Home Depot by financial institutions will be allowed to proceed.But litigation over a past breach does little to protect the consumers whose data has already been exposed," said Hunt."We continue to urge Congress to pass national data security standards for retailers to help protect consumers' sensitive financial information and prevent data breaches in the future."

Thrash, citing, among other things, the "foreseeable" harm that might have been prevented, is allowing a financial institution class to proceed with most of its claims against Home Depot related to its massive data security breach in 2014.

Thrash issued the order Tuesday in response to Home Depot's motion to dismiss the complaints.

The financial institutions' class action cites more than $150 million in damages to credit unions and community banks as a result of the breach. The lawsuit was filed in Atlanta, where the home-improvement store chain is headquartered. There are more than 100 plaintiffs, among them are financial institutions in 44 states and the District of Columbia.

Based on the provisions of the 1999 Gramm-Leach-Bliley Act (GLBA), credit unions and other financial institutions already protect consumers' personal data. Regrettably, there is no similar comprehensive regulatory framework akin to GLBA for other entities, such as retailers, that handle sensitive personal and financial data. NAFCU urges support for H.R. 2205/S.961, the Data Security Act of 2015. Introduced by Reps. Randy Neugebauer, R-Texas, and John Carney, D-Del., and Sens. Tom Carper, D-Del., and Roy Blunt, R-Mo., respectively. The bipartisan bill would set a national data security standard for retailers akin to GLBA while acknowledging financial institutions existing adherence to GLBA standards.

NAFCU was the first financial trade organization to call for nationaldata securitystandards for retailers, and itcontinuesto push for legislative action on Capitol Hill.

The National Association of Federal Credit Unions is the only national trade association focusing exclusively on federal issues affecting the nation's federally insured credit unions. NAFCU membership is direct and provides credit unions with the best in federal advocacy, education and compliance assistance.www.nafcu.org

###

Patty Briotta