MADISON, Wis. (9/19/14)--Credit unions nationwide are taking a proactive strategy in protecting members from any fraudulent activity resulting from the Home Depot data breach, which the retailer confirmed Thursday compromised 56 million unique payment cards.
In Maine, credit unions have issued thousands of new cards to protect members from possibly fraudulent charges. Banks have taken "a more measured approach," and not issued cards proactively, centralmaine.com reported.
Centralmaine.com also reported Thursday that a black market website is selling nearly 100,000 credit and debit card numbers stolen from Home Depot stores in Maine.
John Murphy, president/CEO of the Maine Credit Union League, said the situation in his state has been exacerbated by breaches at a series of local merchants in addition to Home Depot and other nationwide incidents.
"A combination of these large breaches as well as these breaches on small merchants have credit unions scrambling to do a couple things," Murphy told News Now. "One is to limit the fraud exposure. But more important is to be sure members continue to have access to their accounts while their cards are being reissued."
Visa Inc. and MasterCard have alerted thousands of card-issuing financial institutions to monitor their members' and customers' accounts for fraudulent transactions related to the Home Depot breach, The Wall Street Journal reported (Sept. 16).
Credit unions nationwide have already responded. Members of Westerra CU, Denver, with $1.2 billion in assets, who used their debit or credit cards at Home Depot store between April 1 and Sept. 7, will receive reissued cards, according to the credit union's website.
Our Community CU, Shelton, Wash., with $288 million in assets, also informed its membership that it has obtained a list of members' card numbers that have been affected by the Home Depot breach. Those members will be contacted and reissued new cards within 15 business days, according to a message on the Our Community CU website.
University FCU, Austin, Texas, with $1.7 billion in assets, is alerting members about card replacements on its website and in a recorded phone message, The Wall Street Journal reported. Debit cards used at Home Depot "during the compromised time frame" will be deactivated on Sept. 25. Credit cards used at the retailer will be deactivated on Sept. 30, the credit union said.
While its members have not experienced any fraudulent activity, Evansville (Ind.) Teachers FCU, with $993 million in assets, also is issuing new debit cards to its members proactively, WFIE-TV reported. Home Depot provided the credit union with a list of members who may be affected.
The Credit Union National Association is urging credit unions to record breach-related activity and costs as they receive and process breach notifications in the upcoming weeks. CUNA's upcoming survey will collect data to inform lawmakers, regulators, media and others about the effects of the data breach on credit unions.
The home improvement retailer confirmed Thursday that 56 million cards had been compromised, making it the largest data breach to date. Last year's Target breach affected 40 million cardholders.
Among the information CUNA will collect on the Home Depot breach:
CUNA strongly advocates on behalf of legislation that would protect financial institutions and consumers from the harm such breaches caused by subjecting merchants to the same federal data protection standards to which credit unions and other financial institutions are already subject.