WASHINGTON (2/13/14)--With updated projections on the cost of the Target stores data breach, the Credit Union National Association estimates that credit unions have thus far incurred costs of $30.6 million, and reissued around 4.6 million credit and debit cards.
However, CUNA again emphasized that future fraud losses associated with the breach likely will greatly add to the total.
"Although Target is ultimately responsible for this data breach, credit unions must solely cover these costs of their card program administration," CUNA President/CEO Bill Cheney said. "It's time for retailers like Target to step up and accept their fair share of the costs associated with these types of data breaches."
The CUNA leader added, "Credit unions are owned by their members, and because of that cooperative structure, the costs of these types of breaches fall directly to credit union members.
"Congress should act to stop this cycle, and hold merchants accountable."
Nearly all of the more-than 1,100 credit unions that responded to the survey offer debit and/or credit cards to their members, and 94% of respondents had been notified by their processor or network that some of their members' cards had been affected by the breach.
The Target breach has cost credit unions on average about $5.68 per card affected by the security lapse. Other expenses have come from administrative costs.
Some credit unions have had to increase staffing and add overtime shifts as a result of the data breach. Smaller credit unions typically must pay more to replace cards, according to CUNA's Cheney.
"Unlike trillion-dollar banks, with their economies of scale, smaller credit unions face a more expensive proposition in replacing their cards--but still they must cover those costs alone," Cheney said.