The National Association of Federal Credit Unions urged Congress last week to take action on proposed data security and breach notification standards.
The call for action came one day after Michaels Stores confirmed as many as 2.6 million customers had their credit card data compromised between May 2013 and January 2014. Between June 2013 and February 2014, 400,000 consumers had their credit card information compromised at Michaels’ Aaron Brothers stores.
NAFCU said the switch to chip and PIN technology–a move advocated by retail trade organizations–will not be a “panacea” for data security and preventing data breaches.
“Many ‘chip and PIN’ cards were compromised in the Target data breach because the terminals at the point of sale only accepted magnetic stripe technology,” NAFCU said in its letter to Senate Majority Leader Harry Reid, Minority Leader Mitch McConnell and House Speaker John Boehner. “Additionally, ‘chip and PIN’ technology does not protect against online fraud, as the technology is designed to hinder in-person fraud and card duplication. This is yet another fact highlighting the need for greater national data security standards as the way to truly help protect consumer financial information.”
NAFCU’s calls join a chorus of others who have pushed for stronger data security standards. According to the Identity Theft Resource Center, more than 600 data breaches were reported last year—a 30 percent increase over 2012.
NAFCU suggested that Congress implement rules that would require entities that experience a data breach to be responsible for the costs, to require retailers and other entities to safeguard sensitive consumer data and to require entities to provide burden of proof for lack of fault in a data breach.