TMCnet News

Ohio's credit unions hit hard by national retailers' data breach [The Blade, Toledo, Ohio]
[November 01, 2014]

Ohio's credit unions hit hard by national retailers' data breach [The Blade, Toledo, Ohio]


(Blade (Toledo, OH) Via Acquire Media NewsEdge) Nov. 01--A large data security breach this year at Home Depot Inc. cost Ohio's 330 credit unions a combined $1.3 million in fraud losses and other costs associated with replacing compromised credit and debit cards.



"Anecdotally, every credit union CEO I've talked to from the relatively medium-sized ones to the large ones all seem to have been impacted by the Home Depot breach in some way," said Patrick Harris, director of legislative affairs for the Ohio Credit Union League in Columbus.

"With the Home Depot breach and the Target breach last year, it really leads to the question of what's next?" he said.


The five-month cyberattack on Home Depot's data, which was revealed in September, compromised nearly 56 million credit cards and debit cards. Criminals stole the home improvement chain's data by hacking self-serve pay terminals.

Mr. Harris said 165,000 compromised cards belonged to Ohio credit union members. Nationwide, credit unions lost $60 million and had 7.2 million cards breached, according to the Credit Union National Association.

While the nation's banks suffered larger losses, Mr. Harris said the impact on credit unions may hurt more because they are nonprofit. Fraud losses and costs of reissuing cards -- about $8 each when all expenses are combined -- come out of a credit union's funds, which essentially are members' savings, he said.

Barry Shaner, president and CEO of Directions Credit Union of Sylvania, said 3,000 of its 70,000 members were directly affected by the Home Depot breach.

"That's not an insubstantial amount. To reissue a card costs us $5, so that's $15,000 right there," said Mr. Shaner, whose credit union has nine Toledo area branches.

"I don't know what the fraud number is yet and we won't know that for a while, but there will be fraud losses associated with this. And that is money out of members' pockets and it's money we can't use for services for them or for better rates for them. It's real people's money," Mr. Shaner said.

Dave Wilde, vice president of marketing and business development for the 30,000-member Sun Federal Credit Union, which has four Toledo-area locations and six in eastern Pennsylvania, said about 750 Sun members in northwest Ohio had their cards compromised.

Overall, 1,500 members at Sun were affected. So far, fraud losses have totaled $10,000, he said. "Our systems are 100 percent secure and we had nothing to do with this breach. But our members rely on us to keep them safe, so it's our reputation that's taken a hit," Mr. Wilde said.

Mark Slates, president and CEO of the 25,000-member Glass City Federal Credit Union of Maumee, said his institution did have members' cards breached but so far no patterns of fraud have been seen. The credit union, which has five locations, took steps immediately to deactivate and replace at-risk cards.

"We've been fortunate that with most of these breaches we have not seen the fraud. Our fraud losses are very low," Mr. Slates said.

Mr. Shaner, of Directions, said a big frustration for credit unions is that they are unlikely to be compensated for the costs caused by data breaches. "The problem is it's very difficult to go back and say that card number was obtained from that Home Depot breach. So it's the financial institution that ends up bearing the cost of that," he said.

"It's a big deal and it's a lot of work and it's happening more frequently. When the Target breach occurred, about half our members were affected," he said. "It's a huge frustration to our members." Contact Jon Chavez at: [email protected] or 419-724-6128.

___ (c)2014 The Blade (Toledo, Ohio) Visit The Blade (Toledo, Ohio) at www.toledoblade.com Distributed by MCT Information Services

[ Back To TMCnet.com's Homepage ]