MADISON, Wis. (5/2/13)--Credit unions in three states are reporting fraudulent activity related to compromised cards from breaches and skimming devices. The incidents are in Illinois, California, and Alabama.
The University of Illinois Employees CU, Champaign, Ill., last week replaced about 3,400 debit cards and 1,400 credit cards that had been compromised by a data breach at Schnuck's supermarkets after a "tsunami" of fraud reports that may cost "tens of thousands" of dollars, the credit union told the News-Gazette (May 1).
Schnuck's is a privately held chain of more than 90 supermarkets in the Midwest. The breach was announced last month (News Now April 2).
The credit union accommodated debit card owners by waiving fees on Visa travel cards and offering shared-branching services so members could get cash. About one in four of the credit union's cardholders had used their cards at Schnucks during December to March, when the information was compromised.
In Capitola, Calif., Bay FCU members reported fraudulent transactions to the $678.5 million asset credit union. Police are investigating more than 50 credit card reports related to information that may have been skimmed on devices planted at a local gas and automotive store. The gas station was unaware of the devices and is cooperating with police, said the San Jose Mercury News (April 30).
Fort McClellan CU, an $184 million asset credit union in Anniston, Ala., sent a letter to members indicating that during March, debit card accounts issued by banks and credit unions in Calhoun County, Ala., and nearby communities, were compromised and unauthorized transactions made on "many" accounts (Examiner.com April 30).
Authorities have not determined how the account numbers were obtained, but they said credit union members and bank customers affected had used the cards in a common environment or merchant location. The account information was distributed to criminals who made unauthorized transactions "on a widespread basis."
The credit union is contacting members whose cards were compromised and is arranging to reissue new cards.