WASHINGTON (9/10/14)--With Home Depot confirming reports of a data breach in a statement Monday, the Credit Union National Association has been active on several fronts to protect financial institutions and consumers from the harm such breaches cause.
According to a statement from the Atlanta-based retailer, Home Depot confirmed that a breach of its payment systems did occur, one that could have affected customers in its U.S. and Canadian locations. The company is still determining the full scope and scale of the breach.
CUNA wrote to both houses of Congress Tuesday requesting legislative remedies. In the letter, CUNA interim President/CEO Bill Hampel urged legislators to hold all participants in the payments system to "be held to comparable levels of federal data security requirements."
"Merchant data breach is a chronic, but preventable, issue. Breaches occur over and over again because data security standards are inconsistent across the board," the letter reads. "Breaches can be prevented if Congress would subject merchants to the same federal data protection standards to which credit unions and other financial institutions are already subject."
Hampel expressed concerns that such breaches can make a significant difference in a credit union's ability to offer services to members, due to the resources needed to determine whether cards need to be reissued, setting up account monitoring and other activity.
Diana Dykstra, president/CEO of the California and Nevada Credit Union Leagues, wrote in Tuesday's Inland Valley Daily Bulletin that all members of the payments system need to share responsibility for protecting consumer data.
"Simply put, credit unions and other financial institutions are subject to high data protection standards under the Gramm-Leach-Bliley Act while merchants are not subject to data protection standards. Under today's law, there is no merchant accountability. That has to change," she wrote.
CUNA is currently working with groups such as the Payments Security Task Force (PST), the Payments Council and the Electronic Payments Coalition (EPC) to address data breach issues. The PST contains groups that meet weekly to discuss new security measures, the process of integration and to create resources for merchants, consumers and financial institutions.
The Payments Council is made up of a number of financial services trade organizations, including CUNA, and has held a number of meetings over summer to discuss the future of payments and cybersecurity efforts.
The EPC, a group of networks, financial services trade associations and issuers, works together on communications messaging and public affairs advocacy, especially to inform the media and the Hill about key developments in data breaches and other issues.
Other CUNA advocacy efforts include:
Use the resource link below to access the full letter and Dykstra's guest commentary.