Welcome to the Business Journal Archives
Search for articles below, or continue to the all new BusinessJournalDaily.com now.
Search
Data Breaches at Home Depot Cost Credit Unions $60M
YOUNGSTOWN, Ohio -- The data security breach at Home Depot has cost credit unions in the United States nearly $60 million in unreimbursed expenses, the Credit Union National Association reported Thursday. CUNA is headquartered in Washington, D.C.
Affected by the breaches are nearly 165,000 members of Ohio credit unions that incurred more than $1.3 million in related expense, said Patrick Harris, director of legislative affairs for the Ohio Credit Union League in Columbus.
In the Mahoning Valley, the president and CEO of Associated School Employees Credit Union, Mike Kurish, said Thursday that the cards of more than 1,000 of his members have been compromised because of security breaches at Home Depot, Target, Staples and Jimmy John’s.
The Seven Seventeen Credit Union, based in Warren, suffered fraud losses of $6,000 because of the breach at Home Depot, said Eric Lanham, senior vice president and director of marketing. Seven Seventeen had to reissue 7,500 debit cards and 850 credit cards at a cost of $18,500.
The CUNA experience with Home Depot comes on top of the unreimbursed expenses of nearly $30 million they incurred from the data breach at Target, the association said.
Included in the unreimbursed expenses are the costs of notifying the holders of some 7.2 million credit and debit cards, additional staffing to handle concerns, the cost of replacing compromised cards with new ones, and monitoring members’ accounts, says Zan McKelway, spokesman for the credit-union association.
At ASECU, headquartered in Austintown, Kurish said it cost his credit union $5,000 simply to notify members and reissue them credit and debit cards. This excludes the losses it has absorbed from fraudulent use, the insurance premiums to reimburse members for that fraudulent use, and software ASECU has purchased to monitor suspicious activity. When those costs are factored, the losses absorbed “are in the five-figure range.” He declined to be more specific.
The ASECU member, he pointed out, is further inconvenienced because of monthly expenses he has charged to his card, such a newspaper subscription, contributions to a charity or membership in a health club. He must notify the merchant of his new credit card account number and expiration date.
“Card reissuance is an expensive proposition, representing about a quarter of the total costs to credit unions of these breaches, the chief economist of the association, Bill Hampel, said in a prepared statement. “[We] found that fraud is the most expensive component of costs, amounting to $4.89 for each card, or 60% of total costs.”
Total costs of the violations were put at $8.02 per card.
The Credit Union National Association released the data in an effort to get Congress to have “the merchants who hold consumer data and allow that data to be breached [held] responsible for the costs incurred by others,” said the president and CEO of the association, Jim Nussle, in a prepared statement. “The bottom line is that credit union members end up paying the costs.”
Said Seven Seventeen’s Lanham, “We didn’t do anything wrong. Our members didn’t do anything wrong. But we’re the ones who have to absorb the expense. It costs all of us.”
Copyright 2014 The Business Journal, Youngstown, Ohio.
CLICK HERE to subscribe to our twice-monthly print edition and to our free daily email headlines.