Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

Washington
CUNA Provides Clarification on Target Breach Notifications

 
WASHINGTON (1/7/14)--Credit unions continue to ask what steps should be taken to alert members about the importance of monitoring their accounts as a result of the Target data breach.
 
"This is a business decision for the credit union to decide whether--and if so, how--to communicate with members," said Kathy Thompson, Credit Union National Association senior vice president for compliance Monday.  "Contrary to what we've reported earlier, there is no regulatory requirements about notifying members when a breach occurs in a merchant's information systems.  Section 748/Appendix B of NCUA's regulations on member notification only is triggered when there has been unauthorized access to member information directly from the credit union's system or its third-party service provider." (See resource link for past News Now story.
 
CUNA provided clarifying information about the requirements on a new CompBlog post on Jan. 6, explaining that it is up to the credit union to determine how it will communicate with its members. 
 
"Certainly all members need to be reminded of the importance of thoroughly reviewing their statements regularly," Thompson wrote.  CUNA has heard from credit unions that they are posting information on their websites, including information in their newsletters, or adding information to their call center response lines about what the credit union is doing to stay on top of the situation and what members need to do to monitor their accounts.  Some credit unions have already decided to re-issue cards on vulnerable accounts, while others continue to closely monitor account activity for suspicious transactions.
 
Thompson reminds credit unions that "your insurance company and VISA and MasterCard need to know about incidents of unauthorized access to specific members' accounts so they can continue to investigate the Target breach." 
 
Last week CUNA announced it's asking credit unions to complete a survey (see resource link) on costs they are incurring due to the Target data breach. 
 
"We know that this is early in the process of monitoring, potentially freezing, and perhaps re-opening accounts.  But we are asking credit unions to keep track of these costs and respond to our survey in coming weeks," Thompson said. 
 
She notes that for several years CUNA has been pushing for congressional action on legislation to require merchants to reimburse financial institutions for costs incurred when breaches occur in retailers' systems.  "Actual cost data will obviously be very useful in helping us to represent credit unions," Thompson noted. 
 
RSS print
News Now LiveWire
Ala. veterans can get job advice at Friday's career fair hosted by @RedstoneFCU http://t.co/9tf0tEcW4N
5 hours ago
See how one St. Louis-based #creditunion is helping members access transportation; get to work #tomorrow #NewsNow #CUNA
7 hours ago
Matz says no to @CUNA, NAFCU request for 90-day comment period extension on risk-based capital plan. Deadline stays at May 28.
7 hours ago
Sen. Banking Com. schedules April 29 vote on McWatters' @TheNCUA nomination--same day as panel vote on Johnson-Crapo housing finance reform.
7 hours ago
3 Wash. state CUs members were rewarded with $5K checks--the biggest winners yet in the state's prized-linked savings program, #SaveToWin
8 hours ago