WASHINGTON, DC (January 27, 2016) —
The Honorable Mitch McConnell
Majority Leader
U.S. Senate
Washington, D.C. 20510
The Honorable Harry Reid
Minority Leader
U.S. Senate
Washington, D.C. 20510
The Honorable Paul Ryan
Speaker
U.S. House of Representatives
Washington, D.C. 20515
The Honorable Nancy Pelosi
Minority Leader
U.S. House of Representatives
Washington, D.C. 20515
Re: Possible Wendy’s Data Breach Shows Need for National Data Security Standards
Dear Leader McConnell, Leader Reid, Speaker Ryan, and Leader Pelosi:
On behalf of the National Association of Federal Credit Unions (NAFCU), the only trade association exclusively representing the federal interests of our nation’s federally-insured credit unions, I write today in conjunction with recent reports indicating that Wendy’s fast food chain is investigating a possible data breach and to once again urge you to support national data security standards for retailers and others who collect and store consumers’ personal and financial information.
Data breaches have become a constant concern of the American people. Major data breaches now occur with an unacceptable level of regularity. From breaches at Target and Home Depot that impacted over 110 million consumer records and 56 million payment cards respectively, to recent breaches at the Hyatt and Hilton hotel chains, the concerns of American consumers are well-founded. A Gallup poll from October 7-11, 2015, found for the second consecutive year that 69 percent of U.S. adults are frequently or occasionally concerned about having their credit card information stolen by hackers. These staggering survey results speak for themselves and should demonstrate the need for greater national attention to this issue. The potential breach of Wendy’s fast food restaurants is yet another demonstration of the need for a legislative solution.
Americans’ sensitive financial and personally identifiable information will only be as safe as the weakest link in the security chain. While financial institutions, including credit unions, have been subject to federal standards on data security since the passage of the Gramm-Leach-Bliley Act (GLBA), retailers and many other entities that handle sensitive personal financial data are not subject to these same standards. Consequently, they have become the vulnerable targets of choice for cybercriminals.
Credit unions suffer steep losses in re-establishing member safety after a data breach occurs. They are often forced to absorb fraud-related losses, many of which stem from a negligent entity’s failure to protect sensitive financial and personal information with their systems. As not-for-profit cooperatives, credit union members are the ones that are ultimately impacted by these costs.
It is with this in mind that NAFCU urges you to support common sense bipartisan legislation to create national data security standards, such as the H.R. 2205 and S. 961, the Data Security Act of 2015. Introduced by Representatives Randy Neugebauer and John Carney in the House, this legislation received strong bipartisan support in a House Financial Services Committee mark-up in December 2015. Similar bipartisan legislation introduced by Senators Roy Blunt and Tom Carper is awaiting action in the Senate. The Data Security Act of 2015 would create flexible requirements that, while protecting consumers’ data in the current environment, would also allow for and encourage innovation to protect consumers from future threats we have not yet anticipated. Additionally, the national standards created would be scalable to allow for compliance by entities of all sizes. Just as the GLBA institutes requirements that are appropriate for both the smallest credit unions and the biggest banks, this legislation would allow for appropriate standards for the smallest corner store to the largest retailers.
On behalf of our nation’s credit unions and their more than 101 million members, we thank you for your attention to this important matter. Should you have any questions or require any additional information please contact me or Chad Adams, NAFCU’s Associate Director of Legislative Affairs, at 703-842-2265 or cadams@nafcu.org.
Sincerely,
Brad Thaler
Vice President of Legislative Affairs
cc: Members of the United States Senate
Members of the United States House of Representatives
The National Association of Federally-Insured Credit Unions is the only national trade association focusing exclusively on federal issues affecting the nation’s federally-insured credit unions. NAFCU membership is direct and provides credit unions with the best in federal advocacy, education and compliance assistance. For more information on NAFCU, go to www.nafcu.org or @NAFCU on Twitter.
