WASHINGTON (1/13/14)--Alabama State Employees CU has become the first credit union to take legal action following last year's Target data breach, and more lawsuits from other institutions are expected to be offered soon.
In its class action complaint, Montgomery-based credit union alleges that it was damaged when the Target breach forced it to refund member losses, close accounts and reissue new checks, debit cards, and credit cards to certain members. The credit union claimed Target breached implied contracts when it failed to safeguard the private and confidential financial and personal information of members.
The credit union class action suit was filed in the U.S. District Court for the Middle District of Alabama, Northern Division. Commercial Bancshares, Inc., also filed suit against Target on Friday.
The Target data breach compromised 40 million debit and credit cards and included stolen encrypted PIN data. Target revealed late last week that the names, mail and email addresses, and phone numbers of up to 70 million individuals were also compromised in the breach.
The breach is being examined by state attorneys general from across the country, and Senate Banking Committee Chairman Tim Johnson (D-S.D.) said last week he is considering holding a hearing. The Credit Union National Association has reached out both to Senate Banking and House Financial Services Committee leaders to encourage them to "fully examine the chronic issue of merchant data breaches, their impact on consumers and financial institutions."
Sen. Patrick Leahy (D-Vt.) took action last week, reintroducing the Personal Data Privacy and Security Act. That bill would establish consumer data security standards for companies, and require them to notify consumers when a data breach has occurred.
The introduction of this legislation, while not specific to the credit union industry, "is great news for credit unions," Association of Vermont Credit Unions President Joe Bergeron said, because it favorably addresses growing marketplace issues that are detrimental to credit unions.
CUNA continues to track the Target breach court cases and related legislative and regulatory actions, and has set up an email account, firstname.lastname@example.org, to take credit union questions on the issue. CUNA also continues to encourage credit unions to respond to its data breach survey. CUNA has received 500 responses so far.
"In demonstrating to lawmakers, regulators and the media the impact of the breach, we need as much information as possible from credit unions," CUNA President/CEO Bill Cheney wrote in this week's Cheney Report.
For the CUNA Target breach survey and the full Cheney Report, use the resource links.