Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CUNA Provides Clarification on Target Breach Notifications

WASHINGTON (1/7/14)--Credit unions continue to ask what steps should be taken to alert members about the importance of monitoring their accounts as a result of the Target data breach.
"This is a business decision for the credit union to decide whether--and if so, how--to communicate with members," said Kathy Thompson, Credit Union National Association senior vice president for compliance Monday.  "Contrary to what we've reported earlier, there is no regulatory requirements about notifying members when a breach occurs in a merchant's information systems.  Section 748/Appendix B of NCUA's regulations on member notification only is triggered when there has been unauthorized access to member information directly from the credit union's system or its third-party service provider." (See resource link for past News Now story.
CUNA provided clarifying information about the requirements on a new CompBlog post on Jan. 6, explaining that it is up to the credit union to determine how it will communicate with its members. 
"Certainly all members need to be reminded of the importance of thoroughly reviewing their statements regularly," Thompson wrote.  CUNA has heard from credit unions that they are posting information on their websites, including information in their newsletters, or adding information to their call center response lines about what the credit union is doing to stay on top of the situation and what members need to do to monitor their accounts.  Some credit unions have already decided to re-issue cards on vulnerable accounts, while others continue to closely monitor account activity for suspicious transactions.
Thompson reminds credit unions that "your insurance company and VISA and MasterCard need to know about incidents of unauthorized access to specific members' accounts so they can continue to investigate the Target breach." 
Last week CUNA announced it's asking credit unions to complete a survey (see resource link) on costs they are incurring due to the Target data breach. 
"We know that this is early in the process of monitoring, potentially freezing, and perhaps re-opening accounts.  But we are asking credit unions to keep track of these costs and respond to our survey in coming weeks," Thompson said. 
She notes that for several years CUNA has been pushing for congressional action on legislation to require merchants to reimburse financial institutions for costs incurred when breaches occur in retailers' systems.  "Actual cost data will obviously be very useful in helping us to represent credit unions," Thompson noted. 

News Now LiveWire
About 1 in 5 #CUs offer credit-building loans,@SchenkMike @CUNA vice president of economics and statistics, told @CreditCardsCom
18 minutes ago
RT @CUNA: DDoS attacks shorter, intense, more expensive: @VERISIGN HT @newsnowlivewire
39 minutes ago
RT @CUNA: .@CUNACouncils launches new website. Offering site tours to current members. Check it out!
40 minutes ago
.@Discover to support #ApplePay by fall HT @Forbes
2 hours ago
.@HUDgov requires investors to delay foreclosure for a year and offers a non-profit only pool sale
5 hours ago