Data breaches are an everyday occurrence and sadly, becoming the new norm. With so many being reported, many consumers are beginning to feel breach fatigue and are concerned and left frustrated asking themselves, "What can I do?"
The convenience of credit cards outweighs the risk of carrying a fat wallet full of cash. There are also many incentives for credit card users with various loyalty programs in place so that they can earn cash back on their purchases. Convenience will always trump security for most consumers until the scale of theft and fraud reaches a new high.
Recommended For You
Reputable credit unions typically cover the expenses related to security breaches and the economic fallout that follows. Because they are member-owned financial cooperatives and are controlled by its members, they are organized and structured to serve the people first. To keep their members happy, credit unions need to provide credit at competitive rates, which can be challenging when you factor in the additional costs of data breaches.
When Home Depot was breached, the credit unions had to pay close to $60 million dollars for the reissuance of new cards and to cover fraud costs. Similarly, the Target data breach at the end of 2013 ended up costing credit unions about $30 million dollars. While Target's damage was only half the dollar amount, both of these cases clearly demonstrated the staggering amount of money on the line.
One continual challenge has been the significant cost in updating security throughout the entire process. Merchants do not invest enough capital in data security protection, making them vulnerable to attacks. Hackers go for the easy targets, which are usually merchants with lax security measures over a financial institution or credit union that are subject to federal data protection standards.
Estimates for 2014 showed there were over 750 data security breaches exposing millions of data records. Over the past decade, there have been more than 5,000 reported data breaches with an estimated 675 million records compromised. With so many data breaches occurring who pays to issue all the new cards? Typically, that falls on issuing banks, credit unions and ultimately, the consumer in the form of higher rates. Since merchants are shifting the costs away from themselves and towards others, they have no real incentive to fix their own security problems.
To make matters worse, laws currently in place prevent credit unions from disclosing the specific merchant where the breach occurred. They also cannot disclose the merchant's lack of security. This lack of transparency and communication between both parties only stands to benefit hackers.
Is there light at the end of the tunnel? The surge in data breaches over past two years has pushed credit card companies to enact a liability shift that, as of October 2015, will pass onto the issuing bank and credit union if they have not adopted the chip and PIN technology. The chip approach involves a computer chip embedded in the smart card and the PIN is a personal identification number the customer supplies just like a debit card. This technology has been used globally for over a decade, except in the U.S., and provides an additional layer of security requiring the customer to provide a secure PIN at the point-of-sale terminal.
Remember, the next big data breach you read about will have real costs for real people. You will probably be among them.
Scott Schober is president/CEO of Berkeley Varitronics Systems Inc. He can be reached at 732-548-3737 or [email protected].
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
