BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Credit Unions Hit Hard By Home Depot Breach

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 3 Nov 2014 18:58:18 -0700
https://vpncreative.net/2014/11/01/credit-unions-hit-hard-home-depot-breach/

The Home Depot breach has hit credit unions across the US hard, costing up
to $60m, almost double that of the Target breach, according to new reports.

Credit Union Times reports that that a survey conducted by the Credit Union
National Association (CUNA) throughout October found that 7.2m credit union
cards were breached by the high profile hacking at the major retailer. The
effects have impacted CUs in several different states.

Georgia, Alabama, and Oregon credit unions, for example, have all lost $1m
respectively mostly through card reissuance, which is an expensive process
says CUNA’s chief economist Bill Hampel. “[O]ur latest survey found that
fraud is the most expensive component of costs, amounting to $4.89 for each
card, or 60% of the total costs,” he said.

“The bottom line is that credit union members end up paying the costs –
despite the fact that the credit unions they own had nothing to do with
causing the breach in the first place,” adds CUNA CEO Jim Nussle.

John Kerley, COO of Cooperative Services in Georgia, adds that credit
unions are not being reimbursed for their losses following these massive
data breaches. “Merchants, which allowed the breaches to occur, have no
financial responsibility to make the consumer or the financial institution
whole,” he said. “Financial institutions are the ones who bare the expense
for the merchants’ negligence.”

Some credit union bodies say they have moved to protect their customers as
best they can. Lynn Heider of the Northwest Credit Union Association added:
“Oregon credit unions moved quickly to protect their 1.4 million members.”

“Report any transactions you did not make to your card issuer, and change
your passwords and codes periodically.”

Nussle adds that Congress needs to address the issue of data breaches like
Home Depot and Target to create a consistent rule book for data security.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: