ST. LOUIS, Mo. (1/30/14)--Credit unions and other card issuers, not retailers, ultimately bear the burden of losses created by data breaches like the one that victimized Target shoppers, Sen. Roy Blunt (R-Mo.) noted in a recent NewsRadio 1120 KMOX interview.
Blunt said a bill he recently introduced, The Data Security Act of 2014 (S. 1927), is getting plenty of attention now. The bill was introduced with chief co-sponosr Sen. Tom Carper (D-Del.) in mid-January and has been referred to the Senate Banking Committee.
The Carper/Blunt bill would require credit unions and other financial institutions, retailers, and federal agencies to protect sensitive information, notify consumers if a breach occurs, and conduct their own investigations in that event. If a breach impacted more than 5,000 consumers, the federal authorities, law enforcement officials, and various consumer reporting agencies would have to be notified. Overall, the bill aims to replace various state-based data protection laws with one single, federal standard.
The Credit Union National Association supports the Carper/Blunt legislation, which is similar to bills the legislators have introduced over the last five years.
Blunt on KMOX said Congress should require better card security standards, but should not specifically tell institutions how to secure their cards.
CUNA is still accepting credit union data on the costs and burdens created by the Target data breach. According to CUNA estimates released earlier this month, the total cost of the breach for credit unions is between $25 million and $30 million. However, the actual costs could exceed this estimate in the coming weeks if greater fraud losses are incurred or those that have reported already add additional costs to their reported totals.
The CUNA survey has garnered widespread media attention, with outlets as varied as the San Francisco Business Times, Las Vegas Review-Journal, Minneapolis/St. Paul Business Journal, Chain Store Age, MSN Money, the Associated Press, Bankrate.com, Yahoo Finance and Computerworld covering the issue and/or CUNA's survey results. (See related Jan. 24 story: More media outlets spotlight CUs, CUNA's breach survey.)