Target and Visa have finally reached a settlement in the wake of the retailer’s massive 2013 data breach, but it’s still unclear how much of that settlement—expected to total about $67 million—will trickle down to credit unions.
Questions remain about how much credit unions will be reimbursed for their losses and when they might expect to receive those monies. The Target breach, which occurred during the 2013 holiday shopping season, impacted as many as 70 million consumers and exposed 40 million credit and debit cards to potential fraud. According to CUNA, credit unions took a hit of more than $30 million as a result of the breach, not including actual fraud costs.
Credit union trade groups and card services providers are working to better understand the impact of the settlement, and many were not prepared to comment at press time, saying they were still in the process of gathering information.
NAFCU’s VP of Government Affairs and General Counsel Carrie Hunt said in a statement that the trade association continues to pressure Congress to put national data security standards in place for retailers, who must be held accountable for data breaches.
“This settlement is a step in the right direction, but it still may not make credit unions whole,” she said. “Credit unions deserve to be fully compensated for their losses.”
Visa representatives emphasized in a statement that Target and Visa worked together to "reach a resolution for the expenses incurred by financial institutions" as a result of the breach.
"Nevertheless, the fact remains that data breaches are an unfortuante situation for all parties involved -- especially consumers," a Visa spokesperson said. "This agreement attempts to put this event behind us, and increase the industry's focus on protecting against future compromises with new technologies."
Target representatives have not yet responded to Credit Union Journal's request for comment.
