September 03, 2014

Berger: Data security should be Congress' top priority

Sept. 4, 2014 – NAFCU President and CEO Dan Berger noted the "chilling effect" of continued retailer data breaches on consumer confidence and said Congress must act on a national data security standard for retailers when it resumes work next week. New reports said a suspected Home Depot breach could be widespread.

Berger, in a statement, said Wednesday that the lack of a national data security standard creates an open invitation for cyber thieves. He added if the Home Depot data breach is confirmed at all 2,200 of its stores in the U.S., (as an updated KrebsonSecurity report suggests) the fallout could prove equal to the Target data breach late last year.

"These continued data breaches will have a chilling effect on our consumer confidence and our economy at large unless Congress holds retailers to the same strict standards of data security and breach notification that financial institutions must adhere to," said Berger. "Congress must make passing a national data security standard for retailers a top priority when it returns next week."

Berger, citing a report from Intel Security and the Center for Strategic and International Studies, noted costs of cybercrime to the global economy of $575 billion annually; of that, $100 billion is in the U.S. He also noted a recent Ponemon Institute survey, which estimated 47 percent of all American adults have been affected by data breaches over the last year, with an estimated 432 million online accounts being affected.

NAFCU was the first financial trade organization to call for national data security standards for retailers. It continues to push for legislative action on Capitol Hill. Credit unions and banks are already subject to such standards under the Gramm-Leach-Bliley Act, but retailers are not.