Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

Washington
Hill report alleges Target weaknesses leading to data breach
WASHINGTON (3/27/14)--U.S. retailer Target missed several opportunities to stop last year's data breach that compromised about 40 million debit and credit card numbers and the personal information of 70 million customers, a new Senate Commerce Committee report has revealed.
 
The report was released at a Wednesday committee hearing on the data breach.
 
The breach impacted credit unions, costing them an estimated $30.6 million. Future fraud could increase these costs, according to the Credit Union National Association. Credit unions are among the plaintiffs in more than 90 lawsuits that have been filed against Target.
 
The Senate analysis highlighted certain issues that contributed to the breach, including:
  • Target's decision to give network access to a third-party vendor that failed to follow broadly accepted information security practices. "The vendor's weak security allowed the attackers to gain a foothold in Target's network," the report said;
  • Target's failure to respond to multiple automated warnings from anti-intrusion software which detected malware installations and reported on escape routes hackers planned to use to remove data from Target's network; and
  • Target's failure to properly isolate sensitive data from other less sensitive data on its network.
Committee Chairman John D. Rockefeller IV (D-W.Va.) in a Wednesday release said, "(I)f Target--or any other company--is going to collect detailed information about its customers, they need to do everything possible to protect it from identity thieves...Target must be a clarion call to businesses, both large and small, that it's time to invest in some changes."
 
CUNA has asked Congress to address data security relative to merchants, who are not held to the same standards of security as credit union and other financial institutions.
 
In particular, CUNA suggests all payment system participants are held to comparable levels of federal data security requirements; those responsible for the data breach should be responsible for the costs of helping consumers; and those responsible should ensure consumers know where their information was breached.
 
For the full committee report on the Target breach, use the resource link.
 
 
Other Resources

Senate Target Report
RSS





print
News Now LiveWire
Final field-of-membership rule tops April 30 NCUA agenda http://t.co/gFIhRhUCts
11 hours ago
.@CUNA's @Nussle speaks to @VonnieQuinn about #StoptheDataBreaches and reg. relief. http://t.co/TMTubG9Afk
13 hours ago
RT @NCUFoundation: .The Foundation's @hylandhighway with @NatlJumpStart President/CEO Laura Levine at #FLHillDay2015 today: http://t.co/ep5…
16 hours ago
Seriously underwater homes rise, new-home sales tumble News Now: http://t.co/2LzWTkqnES
16 hours ago
#NewsNow Cornerstone Foundation awards $71K in grants http://t.co/Y6D8K9rwWv
18 hours ago