March 18, 2008 The impact on Maine credit unions of the recent debit and credit card compromise at Hannaford Supermarket's is significant. According to early statistics from the Maine Credit Union League, Maine credit unions are expected to be reissuing in excess of 100,000 new credit and debit cards as a result of the compromise.
According to Rebekah Higgins, Card Services Manager at Synergent, the service subsidiary of the Maine Credit Union League which handles card services and processing for many Maine credit unions, "Because the compromise occurred at a major Maine retailer that so many Maine people use on a regular basis, the impact and cost of this compromise will be significantly higher than the TJX compromise last year." Higgins said a number of credit unions have already begun reissuing their entire card base. She also urged consumers to monitor and review their statements from the past few months carefully and report any suspicious or fraudulent activity to their financial institution, adding, "Consumers have zero liability in this compromise."
John Murphy, President of the Maine Credit Union League and Synergent, explained, "In this case, as is often the case in data breaches and compromises, the financial institution has done everything right and it is the merchant who bears full responsibility of the compromise. Unfortunately, though, typically credit unions and other financial institutions bear most, if not all, of the costs associated with the compromise, such as reissuing the cards, staff resources, and communications with members. We are strong advocates that the time has come to shift the financial burden from the financial institution to the source of the breach because, in the case of credit unions, every member-owner is affected by the breach."
Murphy said that the growing frequency of breaches and compromises led the Maine Credit Union League to help draft legislation that was introduced this session that directs the Bureau of Financial Institutions to study the effect of data security breaches, including the damages suffered as a result of these breaches, on Maine credit unions and banks. The Resolve has passed both the House and Senate and is nearly ready to be sent to the Governor for his signature. The Resolve directs the Bureau to report its findings to the Legislature no later than December 1, 2008. "Hopefully, this is the first step in helping to further understand the significance of this issue and to begin to look for ways that will force the cause of compromises and breaches to be held accountable and responsible for the cost, a solution that we believe would lead to better security measures being put in place to prevent breaches and better protect consumers," Murphy concluded.
|
