"But our latest survey found that fraud is the most expensive component of costs, amounting to $4.89 for each card, or 60% of the total costs," he added.

CUNA's earlier survey on the Target data breach found the cost to credit unions was nearly $30 million.

"The most recent CUNA survey found that – to date — credit unions have not been reimbursed for the costs they incurred as a result of the Target breach," the trade group said in a press release.

"The cost to credit unions of data breaches – which seem to be occurring with increasing regularity – is rising, as the CUNA surveys clearly demonstrate," CUNA President/CEO Jim Nussle said.

"The bottom line is that credit union members end up paying the costs – despite the fact that the credit unions they own had nothing to do with causing the breach in the first place," he continued.

Nussle said current law allows merchants to abdicate their responsibility, which makes consumers vulnerable.

"Congress has a role to play in addressing the issue of merchant data breaches by making sure all of the participants are playing by the same set of data security rules, and that merchants who hold consumer data and allow that data to be breached, are responsible for the costs incurred by others," he said.