WESTBROOK, Maine (6/9/15)--Maine Credit Union League President John Murphy discussed the significant impact that data breaches have had on credit unions in a June 5 report on the Maine public radio network.
"We looked at 2013-14, and Maine's credit unions have re-issued in the neighborhood of 400,000 to 500,000 ATM debit cards, and we estimate the total cost, including fraud, in the neighborhood of $2.5 million," Murphy said.
Murphy said legislation is needed that puts more onus on the businesses that are breached. "The folks that are responsible for not taking proper care of consumers' data ought to be responsible for absorbing the costs associated with fraud and re-issuing the cards," he told MPBN.
Those entrusted with confidential consumer data should be called to account if that data is stolen, he added.
CUNA has outlined to members of Congress the guiding principles that should be present in any data breach legislation--most importantly the use of Gramm-Leach-Bliley Act-like standards for any entity that handles consumer information.
Several lawmakers and witnesses expressed their support of those standards being applied universally in a recent House Financial Services Committee hearing.
CUNA supports the Data Security Act of 2015 (S.961/H.R. 2205), which would set a strong, national security standard for all companies that handle consumer information.
Also featured in the report were Maine Sens. Susan Collins (R) and Sen. Angus King (I). Both are members of the Senate Intelligence Committee. and they are both urging Congress to pass a cybersecurity law.
Collins said a recent attack on the government personnel office has all the hallmarks of a sophisticated attack. "This is a real indictment of the lack of computer security that we have with civilian agencies' computers," Collins said in the radio segment.
King also issued a statement renewing his calls for Congress to take action. His comments echo remarks he made on the Senate floor earlier this year in response to a data breach at health insurer Anthem, which affected more than a half-million Maine residents.
Meanwhile, a recent incident in Michigan illustrated the cost data breaches inflict on credit unions.
Pam Swope, director of marketing and compliance for FinancialEdge Community CU, Bay City, said roughly 300 debit cards and 30 credit cards were involved in a recent incident, the Michigan Credit Union League reported (Monitor June 1). At least three other Bay City area credit unions and banks, as well as at least one credit union on the west side of Michigan, are part of similar investigations being conducted by the Michigan State Police and U.S. Secret Service.
FinancialEdge Community CU had a fraud loss of roughly $9,000 in April alone. The total amount of fraud loss in a single year is typically less than $20,000, Swope said.
Swope said that some of the compromised cards were used at a big box retailer. She talked to a security executive at the retailer’s corporate office who told her that he “would need an army to combat fraud” in its stores.