New CUNA President/CEO Jim Nussle has asked President Obama to establish a cybersecurity council that would “develop a comprehensive and timely approach” to large-scale data breaches.
Additionally, CUNA has launched a grassroots campaign that urges Congress to “Stop the Breaches.” CUNA encourages credit unions to contact their legislators and ask them to:
• Require merchants to reimburse credit unions for the costs credit unions incur as a result of merchant breaches; and
• Allow credit unions to tell their members the name of a merchant causing the data breach.
The recent massive data breaches have taken place in merchant-operated systems, not in financial institutions, Nussle notes in his letter to Obama—and yet credit unions pick up much of the cost, including card reissuance.
A system that aligns liability with responsibility would provide all parties incentive to “take cybersecurity seriously,” Nussle writes.
Earlier this year, CUNA conducted a survey of credit unions to determine the Target data breach fallout. In light of the Home Depot data breach that compromised data from April through early September, CUNA distributed another survey last month to credit unions offering debit and credit cards. The survey explored:
• The total number of debit and credit cards currently issued;
• The number of cards affected by the Home Depot data breach;
• The number of cards reissued or planned to be reissued as a result of the breach; and
• Estimates on costs credit unions incurred as a result of the breach related to card reissuance, fraud, and all other actions.