The Credit Union National Association recently urged members of the House Financial Services and Senate Banking Committees to examine “the chronic issue of merchant data breaches” and their impact on consumers and financial institutions.
In December, Target announced that approximately 40 million debit and credit cards were compromised in a security breach. CUNA President and CEO Bill Cheney said the costs of merchant data breaches “can be significant for credit unions of all sizes.”
“Failure to hold merchants fully accountable for data breaches when they occur ultimately harms consumers, undermines their confidence in our payments system, and adds to their growing frustrations that government is not protecting their interests,” Cheney said in the letter to House committee leaders Jeb Hensarling (R-Texas) and Maxine Waters (D-Calif.), and Senate Banking Committee leaders Tim Johnson (D-S.D.) and Mike Crapo (R-Idaho).
Cheney said Target’s response to the breach was “in line with some other companies’ responses to breaches since merchants are rarely held responsible for reimbursing financial institutions for the cost that the data breach has caused the financial institution or consumers to incur.”
Additionally, Cheney suggested that merchants that accept debit and credit cards should be held to the same security standards as credit unions, which he said should have the ability to tell members the name of the merchant where accounts were compromised. He also said merchants should be financially responsible for the impact of data breaches on consumers and financial institutions.