Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

Washington
CompBlog provides many CU tips on prepping data breach response
WASHINGTON (2/12/14)--Is your credit union preparing for the increasing threat posed by data breaches? In the event of a breach, notifying members is always a good first step, the Credit Union National Association's CompBlog noted in the latest CompBlog Wrap-Up.

Part 748 of National Credit Union Administration regulations only require credit unions to notify regulators and affected members after a breach involving member information systems maintained by a credit union or its contracted service providers. So, a merchant breach would not trigger a Part 748 member notification, CUNA explained.

"Nevertheless, notifying affected members is still a good idea, both to protect the member and the credit union from fraudulent card usage," CUNA said.

Many credit unions have alerted their members through mail and e-mail following the Target data breach, posted information on their websites and educated members on the steps they can take to protect themselves. CUNA emphasized that these efforts are still ongoing.

There are 46 states that have their own data breach notification laws, and state leagues will have information on any specific actions that are required by state law, the blog post added. (For a state law list compiled by the National Conference of State Legislatures, use the resource link.)

CUNA Mutual Group has also released a series of tips to help credit unions mitigate the risks posed by data breaches. Tips include:
  • Educating cardholders regarding phishing fraud (i.e., not responding to phone calls or e-mail/text messages requesting ac-count information), reporting fraudulent transactions to the credit union and placing fraud alerts on credit reports;
  • Reviewing the card associations alerts daily and taking action when necessary;
  • Evaluating compromised card numbers to determine if there will be increased fraud exposure;
  • Blocking and reissuing affected cards, or accelerating card expiration dates on active cards;
  • Making sure that all fraud associated with an event has been reported to the card associations and to the credit union's insurance company; and
  • Working with a fraud monitoring system vendor to create rules and strategies to help prevent future fraud on the com-promised card accounts.
For more compliance gems, use the resource link.
RSS print
News Now LiveWire
Fryzel added @TheNCUA is fed. governmt, thereby will B criticized, but always tried 2 do what is right. McWatters still 2 B sworn in.2of2
2 hours ago
Before @TheNCUA meeting adjourned, board member Fryzel said goodbyes, praised dedicated CU officials. 1of 2
2 hours ago
.@TheNCUA revised budget is down by $1.1 mil for year ending Dec 31, 2014. That brings total revised budget to $266,920,296.
2 hours ago
.@TheNCUA says it will update it NCUA Guaranteed Notes (NGA) report on its website in October.
2 hours ago
Also carved out from the @TheNCUA fixed-asst plan, CUs with less than $1 million in assets.
3 hours ago