MADISON, Wis. (9/11/14)--Credit union leaders are raising their voices over the latest--and possibly largest--data security breach--this time at Home Depot.
Newspapers in California and Nevada published a column by Diana Dykstra, president/CEO of the California and Nevada Credit Union Leagues, calling for better data security.
"This latest data security breach demonstrates yet again the need for data security requirements for merchants. Financial institutions are subject to high data protection standards, while under today's law, there is no merchant accountability. That has to change," said the letter, which ran in the Reno (Nev.) Gazette-Journal and Inland Valley Daily Bulletin, Ontario, Calif., Tuesday.
The U.S. Congress and state legislatures must act to protect consumers by taking steps to enhance data security standards for merchants, Dykstra wrote. The Credit Union National Association also strongly advocates this position.
"When a data breach occurs, not-for-profit credit unions immediately take steps to protect their members, including reissuing debit and credit cards, and account monitoring. These costs make a difference in our ability to offer services to members," she added.
That cost to credit unions was echoed by Maine Credit Union League President John Murphy in the Portland Press Herald (Sept. 6). Murphy said the state's credit unions and banks are expecting to suffer millions in losses, primarily for reimbursing cardholder losses and issuing new cards. "Ultimately it's the customers that pay for it," he told the Press Herald.
BBC.com reported Wednesday that state attorneys general for California, Connecticut, Illinois, New York and Iowa are leading a multistate probe into the breach. CNNMoney and Reuters reported class action lawsuits were filed in Atlanta and Chicago on behalf of consumers.
In related news, Sens. Edward Markey (D-Mass.) and Richard Blumenthal (D-Conn.) on Tuesday asked the Federal Trade Commission to investigate the Home Depot breach.
The senators, who introduced the Personal Data Protection and Breach Accountability Act in February, sent a letter to FTC Chair Edith Ramirez. "We are concerned that the retailer's procedures for detecting and stopping operations to steal customer data are inadequate," the letter said.
Also on Tuesday, CUNA sent letters to the Senate and House of Representatives urging legislative changes to shore up merchants' breach responsibilities (News Now Sept. 10).
The latest letter is one of many that CUNA has sent to the Hill. CUNA was the first financial institution trade association to address data security concerns with a Jan. 3 letter to the House Financial Services Committee and the Senate Banking Committee.