The data breach at Target is the story of a double standard “that is neither healthy nor fair,” National Credit Union Administration Chairman Debbie Matz said today at the 2014 Governmental Affairs Conference. “While financial institutions are required by law to protect sensitive personal information, data protection standards for retailers are too often simply not adequate,” Matz added.

The Credit Union National Association has made this same point in several recent letters to the U.S. Congress.
The NCUA leader identified cyber-security as one of the top priorities for the regulator and the credit union system going forward.

“A data breach–even if it’s outside the financial system–can have enormous negative repercussions inside the financial system,” Matz said. “No matter how far removed a given data breach is from your credit union, if it affects your members, you can pay dearly–both in terms of your reputation and your balance sheet.”

Data breaches are not the only cyber-security risk, according to Matz.  Hackers have used passwords stolen from a credit union to access one of the larger credit bureaus, and cyber-terrorists are now targeting credit unions.

continue reading »