Data breaches have been the talk of the financial industry over the last few weeks. Recently, Equifax announced it would pay out $700 million (through a mix of government fines, legal fees and reimbursements to consumers) after a massive data breach stole the personal information of nearly 147 million people back in 2017. Last week, Capital One announced it had also been subject to a large-scale incident, exposing the records of 100 million citizens, 140,000 Social Security numbers and 80,000 linked bank account numbers.
Data breaches are becoming a regular part of our financial lives. And while organizations like Equifax, Capital One and Marriott have been quick to respond, the frequency and scale at which these breaches are happening highlight the need for credit unions and their members to proactively prepare.
Here are four key takeaways from the recent Capital One and Equifax data breaches:
1. Enterprise risk management is essential
With both the Equifax and Capital One breaches, many speculate that each incident was at least somewhat preventable, had the right cybersecurity protocols been in place. Particularly with the Capital One case, the hacker may have exposed a security leak during her time working at Amazon Web Services of which Capital One is a major client.
This article from TechCrunch highlights the cybersecurity concerns inherent with working with third parties, particularly in the cloud. As such, organizations need to be extra vigilant about enforcing good data hygiene and best practices for spotting and reporting potential security leaks.
2. Is it Time for Regulators to Get Involved?
The growing number of data breaches has many in the industry calling for stronger federal regulations and standards around data privacy. As one Forbes article points out, the conversation around data privacy is a complicated one: on one hand, data breaches are fast becoming a national security issue, on the other, it may be near-impossible to get consensus on a set of enforceable guidelines and federal standards around data privacy. That hasn’t stopped CUNA from declaring that no answer from Congress is not a good answer when it comes to data privacy.
3. Credit Unions Must Play a Trust-Building Role
One of the most important takeaways from the recent data breaches is the need for credit unions to educate their members on how to prevent and respond to these types of events. Step one is to share with them tips and best practices to avoid fraud – here is a quick and simple guide from Kiplinger on ways to empower your members in the fight against fraud. Step two is to provide members that may have been impacted with the tools and resources to mitigate their losses.
One great tool at a credit union member’s disposal is a credit freeze. CO-OP Industry Fraud Specialist John Buzzard explains how setting up a credit freeze can help members stay alert and stay ahead of fraudulent activity.
4. Beware of Fake Settlement Websites
While some of your members may have been relieved to hear they might be receiving compensation from the Equifax hack, the FTC warned that a number of fake settlement websites have emerged to try and steal more information from consumers. These sites might look legitimate and often trick consumers into volunteering sensitive information.
It is important to remind your members to submit a claim only through the official website provided by the FTC and to be wary of any sites, calls or emails offering discounts or asking them to pay in order to file a claim. Also worth noting, last week the FTC announced that due to the high volume of claim requests, cash reimbursements are being capped at $31 million and they are recommending consumers opt for free credit monitoring services instead.
While data breaches may be becoming the new norm in today’s financial landscape, credit unions must empower themselves with the knowledge, strategy and solutions necessary to protect their members.
Discover the latest fraud happenings and what it takes to keep your members safe at our next FraudBuzz webinar on August 15th. Register now.
And learn more about the advanced fraud mitigation tools built to stay ahead of fraudsters under CO-OP’s Protect product line.