WASHINGTON (2/6/14)--Saying "it's time to stop the blame game and be part of the solution," the Credit Union National Association and partner financial services associations corrected some distortions circulated by merchants in a Wednesday communication to members of the U.S. Congress.
The memo was sent to Capitol Hill as the House Energy and Commerce manufacturing and trade subcommittee held a hearing titled "Protecting Consumer Information: Can Data Breaches Be Prevented?"
The hearing is one of three this week on data security.
While Target and Neiman Marcus have recently accepted their share of responsibility for recent breaches, and have pledged to work with law enforcement and Congress to improve the situation, other merchants have not followed suit. Some in the retail industry have made, and continue to make, several misleading and counterproductive statements about the breaches and the position of credit unions and banks across the country, CUNA and its partners wrote.
The letter cited Identity Theft Resource Center research which found that 77% of breaches in 2013 occurred at healthcare facilities and businesses, including retailers. "That's compared to just 4% at financial institutions," the letter noted.
The joint trade group letter also noted:
- The recent breaches all involve intrusions into the computer networks of various companies. These compromises have nothing to do with card technology (e.g., "chip and PIN") and everything to do with holes in internal firewalls at these companies that criminals are exploiting; and
- It is the nation's banks and credit unions that initially make consumers whole, often receiving minimal reimbursement for their efforts.
"Certain retail groups cannot be allowed to divert attention and duck their responsibility for protecting the sensitive personal information of consumers by always claiming that 'it's someone else's fault,'" the letter said. "In fact, it is all of our responsibility to fight an elusive criminal element."
The letter, which was cosigned by the American Bankers Association, Consumer Bankers Association, The Financial Services Roundtable, Independent Community Bankers Association and the National Association of Federal Credit Unions, received coverage in
The joint letter is one of many ways CUNA and others have advocated for financial services and consumer interests amid a slew of data security and cybersecurity hearings.
Several other data security hearings have been scheduled for this week, including a Wednesday House Energy and Commerce manufacturing and trade subcommittee hearing titled "Protecting Consumer Information: Can Data Breaches Be Prevented?"
A Senate Banking Committee hearing titled "Oversight of Financial Stability and Data Security" is also on the schedule today. Several federal banking regulators will testify, but the National Credit Union Administration is not on the list of regulators invited to testify.
CUNA in a letter submitted for the record of today's hearing noted that Congress should take a broad look at how consumer data is secured and the improvements that are necessary to prevent future breaches from taking place. Similar sentiments have been expressed in letters sent to Monday and Tuesday congressional hearings on data security issues.