CUNA
  • Advocacy
    • Priorities we’re fighting for
    • Actions you can take
  • News
  • Learn
  • Compliance
  • Shop
  • Topics
    • Compliance
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Contact
Learn More about Member Value

News

Member Benefits
Learn more
Learn more about the benefits of membership.
Home » Experts: Expect more breaches during holiday season
CU System

Experts: Expect more breaches during holiday season

November 20, 2014

NEW YORK (11/21/14)--It's probably the last thing credit unions--which have been saddled with millions of dollars in costs as a result of recent mega-retailer data breaches--want to hear, but many experts are forecasting a new round of cyberattacks on payment data held by merchants this holiday season. 

"It's just a matter of when they're going to get hacked, not if," Robert Twitchell, president/CEO of the cybersecurity firm Dispersive Technologies, which serves as a consultant to the U.S. Department of Defense in its war against cybercrime, told the International Business Times (Nov. 18).

"It would be a surprise if it doesn't happen again," added John Rose, Boston Consulting Group's global leader. "The cyberattack community is equally aware of the importance of the holiday season, and they've been working on things for a while, so you're going to see an intensity of effort."

Unwelcome news compounded by the fact that merchants continue to operate under payment data security standards that don't match the strict standards financial institutions are required to meet.

Twitchell said that merchants may spend more on safeguarding payment data than in the past, but it still may not be enough to ward off cybercriminals.

"IT organizations have paid attention only to the ABCs of hacking," Twitchell said. "They're adhering to PCI compliance, a government standard of basic security, but the standard hasn't kept up with innovation."

And Twitchell isn't the only one worried about payment security at merchant stores.

Brian Krebs from KrebsOnSecurity.com, a cybercrime blog, said that he expects a new major breach will surface in only the next few weeks.

"The retail industry is just the lowest of the low-hanging fruit when it comes to cybersecurity," he said on "CBS This Morning."

Retailer security performance continues to decline as well, according to the security benchmarking firm BitSight (TechWorld.com Nov. 18), especially for those who have yet to come under attack.  

While a number of retailers that have been hit with breaches have seen improvements in security performance, BitSight found that 58% of the 300 merchants it polled recently had experienced a 90-point decline in performance over the first three quarters of 2014 on a scale that runs from 250 points to 900.

The Credit Union National Association has been on the forefront of the effort to press lawmakers on the issue of unequal payment data security requirements between financial institutions and merchants.

Credit unions nationwide suffered $57 million in costs related to the recent Home Depot data breach, including card reissuances and other fraud-related costs, after getting hit with $30 million in costs from the breach that occurred at Target stores last holiday season.

Meanwhile, the stakes for those that hold sensitive consumer payment data continue to rise. So far this year, 644 breaches have been reported, a 25.3% increase from last year, according to Theft Resource Center (Pymnts.com Nov. 19).

Further, Federal agencies have warned businesses in the United States that hackers are becoming more sophisticated and organized, and even the Chinese government has been sponsoring cyberattacks in search of patented technologies, according to the International Business Times.

The attacks will also continue to evolve, it appears, as Trend Micro predicts that data breaches will migrate to mobile devices carrying personal payment data next year, according to Pymnts.com.

"In 2015, we expect attackers to hack smart device-markers' databases to steal information," Trend Micro reported.

The company also said that a more diverse range of targets will come under fire from cybercriminals, but that personal financial information will continue to be the most hunted data.

Stop the Data Breaches

Identity Theft: Who’s Got Your Number? electronic member seminar kit

Anytime Adviser ID Theft coach

Lock Down Your Smartphone drive-up envelope

Stickley on Security

Awareness Technologies/CUNA Strategic Services

DH Compushare/CUNA Strategic Services

SilverSky/CUNA Strategic Services

TraceSecurity/CUNA Strategic Services

  • Related Articles

    Will shoppers avoid data-breached retailers this holiday season?

    During season of giving, America Saves promotes thrift

    eMarketer expects sales to provide happy holiday for merchants

Subscriber Exclusives Break-through branding

Break-through branding: Build an emotional connection

When Elevations Credit Union expanded into two new counties, senior leadership set out to tell its story in a bold, fresh way.
How technology transforms marketing

How technology transforms marketing

Artificial intelligence improves member conversions, engagement, and retention.
Analytics drives journey toward data nirvana

Analytics drives journey toward 'data nirvana'

Data analytics can provide the 'oh wow' moment of discovering member behavior.
Subscribe Now

Trending

  • It's time to expand our cooperative principles

  • Settlement proposed in data breach lawsuit against Wendy’s

  • Serving the underserved and increasing diversity

Tweets by CUNA_News

Polls

Who should be the 2019 Credit Union Hero of the Year?

View Results
More

Champion of America’s Credit Unions

Credit Union National Association is the only national association that advocates on behalf of all of America’s credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • About
  • Careers
  • Contact Us
  • Recommended Websites

Resources for

  • CUNA Board Members
  • Credit Union Advocates
  • Leagues
  • Press
  • Vendors