WASHINGTON — The cost to credit unions from the massive Target Corp. data breach could be $25 to $30 million, if not higher, according to CUNA.
In late December, shortly after the
The survey has found that the actual costs could exceed $25 million to $30 million in the coming weeks if greater fraud losses are incurred or those that have reported already add additional costs to their reported totals.
CUNA's survey also found that, on average, the Target breach has cost credit unions about $5.10 per card affected by the security lapse. These costs likely do not include any fraud losses, which may occur later, CUNA reported. Additionally, the cost/card figure is an average across all affected cards, not just cards that have been reissued.
"Contrary to what some may think, these expenses will not be reimbursed to credit unions and their members by Target or other retailers," said CUNA President Bill Cheney. "Rather, credit unions must solely cover these costs of card program administration, including in these circumstances of reacting to a merchant data breach. And, because of credit unions' cooperative structure, the costs of such breaches are ultimately borne entirely by credit union members," he added.
CUs taking part in the data collection effort report having almost 18 million debit cards outstanding, and just less than 1.5 million credit cards outstanding, representing about one-third of the estimated number of debit cards outstanding at all credit unions, according to CUNA Chief Economist Bill Hampel.
The CUNA survey asked credit unions impacted by the Target data breach to outline the costs and burdens they have seen as a result.
CUNA said the data will be used during CUNA conversations with lawmakers, regulators, the media and others. There is no deadline for credit unions to respond to the survey. As of Jan. 16, 936 CUs respondned to the poll.
