National Association of Federal Credit Unions Calls for Retailer Data Standards

Alarmed at the rising number of customer data breaches happening at U.S. retailers, the National Association of Federal Credit Unions (NAFCU) is calling for action.

During the holiday season last year, Americans were shocked to learn that retailer Target’s systems had been breached, and that data from millions of customer debit cards had been stolen. The news only got worse in the weeks following, when several other retailers revealed that they, too, had experienced similar breaches.

The latest outrage involves restaurant chain P.F. Chang’s, who say that they have recently been hit by data thieves.

It seems that the Target breach was not an anomaly; it was the harbinger of a trend. Credit unions across the country are concerned about the integrity of their members’ data, whenever members use their debit or credit cards to make retail purchases.

NAFCU President and CEO Dan Berger has therefore renewed his call for national standards on data security and breach notification for retailers. “It has been almost six months since Target’s data breach, and we still have no new data security standards for retailers,” said Berger. “Since Target, there has been a major data breach discovered almost every month. The continued lack of national data security standards is an open invitation to cybercriminals.”

In a statement, the Association cites a report from Intel Security and the Center for Strategic and International Studies, which says that cybercrime is costing the global economy $575 billion and the U.S. economy $100 billion annually.

According to the report, the U.S. is now the hardest-hit nation when it comes to cybercrime.

NAFCU wants national data security standards for retailers, and said it will continue to push for legislative action on Capitol Hill. The Association points out that the Gramm-Leach-Bliley Act already subjects credit unions and banks to such standards.

Under the law, credit unions bear what the Association terms, “a significant burden” as the issuers of payment cards used by millions of consumers. However, retailers have no similar law governing their responsibilities to customers, it said.

What’s clear is that all parties in the payments chain – from financial institutions to payment processors to retailers – need to work together, and maintain the highest standards for security. And when breaches occur, they must work together to protect customer interests, and to thwart cyber criminals. Credit unions are doing their part, but it’s got to be a team effort.