This is a memo from President/CEO Tom O’Shea
At Aspire FCU, we believe protecting the privacy and security of our members’ accounts is our most important responsibility. As you probably know, we recently upgraded our systems to provide you with more security features.
When we discover a data breach at retailers like Staples, Target or Home Depot, we take action immediately to change account numbers and issue new credit and debit cards for members who were affected.
In many cases, we aren’t permitted to tell you which merchant caused the breach even though we are working to protect your account from the fraud.
The possibility of having your personal financial data stolen is enough of a burden. You shouldn’t have to worry about who is going to clean up the mess and pay the bills for the fraud. There were over 500 data security breaches in 2014 and over 75 million data records have been exposed. Read more about the problem here.
If you’re like most people, you probably assume that merchants are financially responsible since their security failures caused the theft of your data. Unfortunately, that’s not how it works.
Credit unions like ours bear the brunt of these costs after a merchant data breach, even though we, and members like you, had nothing to do with it.
Please view this short video that explains the issue in one minute:
To give you one example, after the Target breach, credit unions were left on the hook for $30.6 million and credit unions reissued 4.6 million credit and debit cards.
Because we are not-for-profit cooperatives owned by our members, you ultimately foot the bill. After you’ve been victimized by having your financial data stolen, you shouldn’t have to pick up the tab to clean up the mess too.
Right now, merchants can shift most of the costs of their data breaches to others. This means there is no incentive for them to spend the time and money to increase their data security. That’s wrong for consumers and it’s bad for our economy.
That’s why Aspire FCU and other credit unions across the country are working together to improve protections for consumers who are victims of merchant data breaches. We are incurring a lot of costs to protect your data; they should take on a similar responsibility.
We’re calling on Congress to step up and protect credit union members:
- By holding merchants accountable for their data breaches.
- By requiring merchants to reimburse credit unions for the costs they incur for data breaches.
- By allowing credit unions to tell their members the name of the merchant causing the data breach.
I hope you’ll consider lending your voice to this important effort. Please click on this link to learn more about the problem and send an e-mail to your U.S. Representative and U.S. Senators. Tell them they must take action to protect consumers like you.