WASHINGTON (10/31/14)--Credit Union National Association President/CEO Jim Nussle strongly took issue Thursday with merchants' attempt to shirk the responsibility that is theirs in the serious and growing problem of exposure of customer data through information breaches at retailers.
Nussle was responding to a letter from the CEOs and presidents of the Retail Industry Leaders Association, the National Association of Convenience Stores, the National Retail Federation, the National Grocers Association, the Food Marketing Institute and the Merchant Advisory Group. That letter maintains, in part, that costs in breaches are borne roughly equally by financial institutions and retailers.
"As we have documented in two surveys this year, data breaches at retailers have cost credit unions and their members a minimum of $90 million--and those are the costs only for breaches at Target, for $30 million, and Home Depot, at nearly $60 million," Nussle declared Thursday.
"With the many other breaches that have also occurred--at Staples, Neiman-Marcus and others--certainly credit unions have incurred millions more in costs this year.
"In our most recent survey, released just yesterday, credit unions told us that--to date--they have received no reimbursements for the Target breach, now more than 10 months after the breach occurred.
"In short, we'll back off highlighting the costs of data breaches on credit unions when merchants step up and take responsibility, adopt the same data standards, and stop making consumers vulnerable."
(See related story: Home Depot breach costs CUs almost double Target breach.)