Despite Thursday’s announcement by Target of a $10 million settlement for a consumer class-action lawsuit related to its 2013 data breach, credit unions are still waiting to be reimbursed for the nearly $30 million of costs they incurred in response to the breach.  The settlement only covers payments to consumers for damages they may have incurred.  It does not cover costs credit unions and other financial institutions incurred as a result of the breach.

CUNA President/CEO Jim Nussle weighed in on the Target news: “For 15 months, credit unions and their members have been pushed to the back burner waiting to be reimbursed for over $30 million lost, at no fault of their own, due to Target’s failure to safeguard the data of its customers.  Further, it shouldn’t take a court-approved settlement for Target to provide basic security measures to protect American consumers from data breaches.

“Credit unions continue to protect their members as a result of merchant data breaches–and there’s no end in sight. It’s high time for merchants to be held to the same standards as financial institutions to ensure all consumers’ private information is protected.”

Under the settlement, which must still be approved by a federal court, Target will be required to implement data security measures such as appointing a chief information security officer and maintaining a written information security program.

Target will deposit the settlement amount into an interest-bearing escrow account to pay individual victims up to $10,000 in damages. The claims will be submitted and processed primarily online through a dedicated website, according to the court documents.

continue reading »