SAN ANTONIO and MARQUETTE, Mich. (1/29/15)--Data breaches may not always occur at massive retailers such as Target or Home Depot, but that doesn't dampen the serious effect all breaches have on financial institutions and consumers.
In San Antonio, a recent data breach at a merchant payment terminal cost Baptist CU, with $33 million in assets, $17,000 to reimburse members for fraudulent charges on their payment cards alone (KABB-TV Jan. 27).
Nearly 100 Baptist CU members had their credit and debit card information swiped, an event that dramatically affected the credit union, but not the merchant responsible for allowing the breach.
Worse, Nick Holguin, president/CEO of the credit union, said Baptist CU couldn't even warn members about where the breach happened in order to protect them from further incidents.
"Right now, it's very frustrating because although we've identified where the potential breach is, we cannot tell our members to stop shopping there," Holguin told KABB-TV.
"They need to hold the vendors or merchants responsible for these losses. We need to hold them to the same security standards that they hold financial institutions."
Consumers in Marquette, Mich., are feeling the effects of a spate of recent data breaches as well.
A number of stores in Marquette, including the Blue Link Party Store, were hacked in recent weeks, and consumers and credit union members alike are beginning to see fraudulent transactions appear on their credit card statements.
"Last week, my credit union had contacted me ... and said, 'Hey, there might be a fraudulent charge (on your card),'" Kevin Terpstra, a recent shopper at Blue Link, told WBUP-TV (Jan. 27). "They went through some recent charges that have been on my card, and they came to this one charge" for $454 and some change at a CVS store.
"I said, 'I haven't been to a CVS, I think, in my life.' They said, 'Well, it was in Lake Orion,' and I said, 'I've never been to Lake Orion.'"
The Credit Union National Association continues to lobby on Capitol Hill for equitable payment data security standards between merchants and financial institutions.
Merchants are not held to the same strict data protection requirements that financial institutions must uphold, leaving the payments network vulnerable, CUNA's leaders have said.
The Cooperative Credit Union Association (CCUA), meanwhile, recently created a survey to assess the effects recent data breaches have had on its member credit unions, and to develop recommendations for policy change (Daily CU Scan Jan. 27).
With the survey, performed in coordination with the association's data breach working group, CCUA--serving credit unions in Massachusetts, Rhode Island and New Hampshire--hopes to compile recommendations for congressional delegations.
The survey will close Feb. 27, at which point the results will be collected and subsequently made available.