Data and Privacy Breaches are Very Important
Not all organizations that handle private consumer data are subject to data protection laws and standards. This means that many of them fail to invest sufficiently in data privacy and security measures. As a result, it can be easier for hackers to gain access to personal information, which may include credit and debit card numbers, debit personal identification numbers (pin), social security numbers, driver’s license numbers, or other sensitive data. Hackers can then sell this information to bad actors or use it themselves to buy things, open new accounts with the stolen data, or other fraudulent actions.
For the past several years, data breaches have been increasing.
Skyrocketing Number of US Data Breaches
Source: Identity Theft Resource Center
Fraudsters Gravitate to Those with Weakest Controls
Source: Identity Theft Resource Center
A number of data collectors have a bad track record and shift their mistakes to others
Although most consumers have probably only heard about a few breaches, over 1,200 data breaches occurred in 2018 exposing more than 197 million data records – a 126% increase over 2017. The number of records breached in 2018 is likely much higher since only half of the breaches reported included the number of records exposed.
When a data breach occurs, data collectors responsible for the breach are often not required to pay the costs associated with the breach. These costs include reissuing new cards to individuals, paying back the fraudulent charges resulting from a breach, or credit monitoring in the case of identity theft. Even when these bad actors are responsible for the breach, they are rarely required to pay ANY costs incurred by fraudulent activities. Who is stuck paying these costs for data breaches? Your Credit Union or Bank—and ultimately, consumers like you.
If data collectors can shift most of the costs of their data breaches to others, what incentive is there to increase their data security?
The answer is simple, none.
Credit Unions Have Been There to Protect Their Members and Customers
Consumers will be protected from fraudulent charges on their cards due to a breach, and the cost is generally picked up by the credit union, not by the data collector.
Financial institutions are sometimes limited in disclosing many of the circumstances of a data breach. Often, they are not able to disclose the organization responsible for the breach itself.
Financial institutions clean up the mess when data breaches occur by informing members and customers and reissuing new credit and debit cards if required. In addition, financial institutions pursue cyber criminals through available legal channels on behalf of their members, saving them time and legal expenses.
While the migration to chip cards has helped curb counterfeit card fraud, it’s still a problem. Data from compromised chip cards can be used to encode the magnetic stripe on counterfeit cards. Those cards can then be used for card present fraud at merchants. Instead of inserting the chip card in a chip-enabled point-of-sale (POS) terminal, the counterfeit cards are swiped at the POS terminal’s magnetic stripe reader. As expected, the migration to chip cards has also resulted in an increase in card-not-present fraud.
Ensuring the safety of members’ data is a top priority of your credit union.
Credit Union Members and Bank Customers Get Stuck With The Bill
After the Target breach for example, credit unions were left on the hook for $30.6 million, according to estimates by the Credit Union National Association (CUNA). Additionally, credit unions reissued roughly 4.6 million credit and debit cards in the aftermath.
Financial institutions not only cover the cost of fraud, but also costs of blocking transactions, reissuing cards, increasing staff at call centers and monitoring consumer accounts.
The data breach at Home Depot was larger than Target, costing credit unions an estimated $57.4 million dollars.
When a data breach occurs the data collectors often shift most of the costs and consumers are ultimately the ones who foot the bill.
Sometimes, financial institutions are reimbursed for data breaches, but when they are, the reimbursement covers only a portion of the total cost.
Have You Been Compromised In Data Breach?
Enter your email address to see if your information has been compromised in a data breach:
Helpful Solutions to Data Breaches
STRONG NATIONAL DATA PROTECTION
and consumer notification standards with effective enforcement provisions are needed to ensure sensitive data is protected.
STRICT DATA PRIVACY AND SECURITY STANDARDS
need to be equally applied to all stakeholders.
PREEMPTION OF INCONSISTENT STATE LAWS
and regulations in favor of strong federal data protection and notification standards.
ABILITY OF CREDIT UNIONS AND BANKS TO INFORM
members and customers about a breach, including where it occurred.
for all those involved in the payments system for protecting consumer data. The costs of a data breach should ultimately be borne by the entity that incurs the breach.
Time To Take Action
- Let Congress know it is time to take action and hold merchants accountable for data breaches. Stop the Data Breaches!
- Tell Congress merchants should be required to reimburse credit unions for the costs they incur as a result of merchant breaches.
- Let Congress know that credit unions should be able to tell their members the name of a merchant causing the data breach.
- Click here to Take Action NOW
Credit unions put their members first, and that includes safeguards for protecting their data and security. The current patchwork of data privacy and security regulations leave all of us vulnerable
A national standard that includes all industries along the transaction journey is vital to protecting America’s interests.
Tell Congress to Stop the Data Breaches and to pass legislation so all industries protect consumer data and privacy.
Click here to Take Action NOW