Coastal Federal Credit Union’s quick response to the Target data breach was 10 years in the making.
Ever since the BJ’s Wholesale payment card breach in 2004, the $2.2 billion asset credit union in Raleigh, N.C., has focused on procedures and defenses to mitigate cyberfraud losses.
“It’s been a learning process, an iterative process, and some cobbling together,” says Carlton Howard, vice president of risk management. “But a lot of it is good, old-fashioned paying attention and taking action.”
To mitigate risk following a breach, credit unions should take these six steps, according to Ann Davidson, a senior risk management consultant at CUNA Mutual Group:
1. Educate members not to respond to mysterious calls or emails or text messages asking for personal or financial information, and encourage them to frequently review account activity and create transaction alerts.
2. Evaluate compromised card number information to determine the severity and magnitude of the exposure.
3. Ensure use of name matching for magnetic stripe data .
4. Accelerate card expiration dates on active cards if they expire within 180 days, and consider whether to block or reissue other cards.
5. Monitor card-not-present potential exposures, cash withdrawals, and daily dollar limits on affected accounts; and watch for an uptick in PIN activity.
6. Scrutinize daily card fraud to identify any changes in fraud transaction patterns.
Coastal Federal learned of the Target breach by reading an antifraud blog, “Krebs on Security.” The credit union notified members through electronic messaging, regular mail, and a website banner, asking them to follow the precautions noted above.
The credit union identified members who’d shopped at Target within the breach period through CO-OP Total Revalation, a data analytics program from CO-OP Financial Services.
Coastal Federal contacted the affected members through an autodialing blaster generally used in collections, and created a notification bloc for its online banking portal that popped up specifically for those members when they logged on.
Typically, the credit union reissues cards before blocking the old ones, so members aren’t left without access to their accounts. But when its antiphishing service, RSA FraudAction, discovered 88 members’ cards on the black market, the credit union immediately blocked those cards.
Coastal Federal uses utility programs to automatically reissue and block cards—a home-grown version for debit cards and FIS/CSCU’s Compromise Manager for credit cards—which negates the time-consuming task of manually entering all the data.
Thanks to its game plan, Coastal Federal acted decisively when the threat arose.