June 17, 2014

Berger in HuffPost: 6 months after Target, consumer data still at risk

June 18, 2014 – NAFCU President and CEO Dan Berger ran through the list of retailer data breaches since news broke of the Target Corporation data breach six months ago in an editorial in the Huffington Post Tuesday.

He also highlighted statistics from various reports on data breaches and their effects on consumers.

Berger reiterated NAFCU's call for national data security standards for retailers. "While there have been numerous congressional hearings and a lot of ‘talking' on data security by various groups, consumers are still vulnerable as there are still no national data security standards for retailers," Berger wrote. "Credit unions and banks are already subject to such standards under the Gramm-Leach-Bliley Act, but retailers are not and have been actively opposing efforts to extend federal standards to them."

Berger said the cost to credit unions for the Target data breach alone is being estimated at nearly $30 million. "Unfortunately, credit unions will likely never recoup much of this cost, as there is no statutory requirement making retailers accountable for costs associated with breaches that result on their end," he wrote.

He said that NAFCU is continuing to make specific recommendations to Congress relating to data security, including making entities accountable for costs of data breaches that result on their end, requiring entities to be responsible for the storage of consumer data and mandating the disclosure to consumers of the identities of retailers whose data systems have been compromised.

NAFCU was the first financial trade organization to call for national data security standards for retailers in the wake of the Target data breach.