MADISON, Wis. (4/12/12)--The number of credit unions affected by the Global Payments data breaches could number into the hundreds, though the exact number or amount of fraudulent transactions is not yet known, said a CUNA Mutual Group security expert.
"One credit union has more than $100,000 in fraud, and some have zero," said Ann Davidson, CUNA Mutual Group risk manager. "It's in that window."
The University of Iowa Community CU has recalled 200 cards from account holders as a result of the Global Payments breach (Daily Iowan April 11).
Visa and MasterCard continue to expand the window during which the data breach occurred. As of Wednesday, Visa reported that the breach occurred between Dec. 12 and Feb. 25. MasterCard has said it could have begun as early as Dec. 3.
"I don't think anyone really knows how far back this is going to go until the investigation has been completed," Davidson told News Now.
Credit union fraud prevention practices such as system monitoring and daily limits are among the best in the financial services industry, but the level of trust members have for their credit unions can make them easy victims of social engineering scams, Davidson said.
"Members have to be ever so cautious and never give out any personal financial information," she added. "That can't be emphasized enough."
U.S. financial institutions are among the last in the world to adopt the more secure chip technology for debit and credit cards. Magnetic stripe technology is much more vulnerable to fraud, Davidson said.
On Wednesday, CUNA Mutual issued a risk alert to its bondholders advising them to move forward with chip technology.
"Implementing chip technology (point-of-sale and ATM terminals) will significantly reduce magnetic stripe counterfeit fraud and improve the overall security of the U.S. payment infrastructure," the CUNA Mutual risk alert said. "Chip security provides a number of benefits, including authentication of cardholders and transaction authorizations based on issuer defined rules."