MADISON, Wis. (3/19/08)--CUNA Mutual policyholders will receive an alert today outlining steps they can take in the event of a card data breach. The alert comes after news of a data breach involving Hannaford Bros. grocery stores broke earlier this week. The breach affects 165 Hannaford Bros. stores in New England and New York, and 106 Sweetbay stores in Florida. Credit unions need to read carefully any alerts they receive from credit card companies--in the case of Hannaford Bros., the companies are Visa and MasterCard, Ann Davidson, CUNA Mutual risk manager, told News Now
. The alerts will tell credit unions what data elements were compromised. For instance, the Hannaford breach put Track 1 or Track 2 card data at risk, which could lead to magnetic stripe fraud. “This is critical because if a thief got enough data for transactions, that is a high risk,” she said. Credit unions also should:
* Review authorization strategies for adjustments based on compromises; * Pay attention to the transaction types at risk (signature versus personal identification number); * Look at the list of cards that were affected and focus on the ones that are still live; * Consider blocking and re-issuing cards that are at high risk; and * Work with any third-party service providers to make sure they are aware of the situation.
If full track card data has been compromised, credit unions “can’t afford not to block and re-issue cards,” Davidson said. The Hannaford breach is comparable to last year’s TJX breach, but the window of time that the data was exposed is much shorter. The Hannaford breach exposed data from Dec. 2007 to March 2008, whereas TJX was “a number of years,” she said.