BY ROBERT MCGARVEY

Details remain scant regarding the data breach acknowledged Thursday by retailer Target. However, one fact has emerged: the breach, said to be second largest in U.S. history after the 2007 TJX breach that involved more than 90 million credit card accounts, will have a significant impact on credit unions and their members.

The breach apparently extended to all Target stores in the U.S., and credit and debit cards used between Nov. 27 and Dec. 15 may have been compromised. More than 40 million cards are said by Target to be at risk.

The bad news: multiple reports indicate the breach involved theft of mag stripe data. That means criminals can use the data to manufacture new cards with valid mag stripe information and that may bode a boost in card present fraud at retail.

In many cases, too, the card issuer – meaning credit unions, if their members cards are involved – will suffer the financial liability, said TMG Senior Fraud Prevention Analyst Nicole Reyes.

She strongly urged credit unions to pay close attention to MasterCard and VISA fraud alerts, which will provide some details on exactly which cards may have been compromised. From there, Reyes suggested, it’s up to the particular institution and its appetite for risk. Some, she said, may choose to cancel all impacted cards and issue new ones, but she added that such a strategy can get expensive.

Others may opt to use transaction monitoring tools to attempt to identify efforts to defraud the account.

But there is a sliver of good news.

continue reading »