http://arstechnica.com/security/2014/10/retailers-accuse-credit-unions-of-talking-smack-about-card-breaches/
By Sean Gallagher
Ars Technica
Oct 30, 2014
Reeling from the bad press associated with an ongoing parade of data
breaches caused by criminal infiltration of their payment systems,
representatives of six retail industry associations signed a joint open
letter that pushes back against a vocal critic of retailers'
cyber-security practices—credit union associations.
In the letter addressed to the presidents of the Credit Union National
Association (CUNA) and the National Association of Federal Credit Unions
(NAFCU), retail industry representatives accused the associations of
spreading “a number of misleading and factually inaccurate points… in the
media and before Congress in regards to the cyber security in our
country.” The industry group executives insisted that retailers already
share the burden of dealing with the cost of lost data—at least to the
degree that they are contractually obliged by credit card organizations.
But given how much they actually do pay, the retailers may protest too
much.
Unsafe at any register
The letter is a direct response to comments made in a letter to House
Homeland Security Committee chairman Rep. Michael McCaul (R-TX) by Carrie
Hunt, the NAFCU’s senior vice president of government affairs, posted on
October 28. In her letter, Hunt called out the retail industry for not
carrying enough of the burden associated with the loss of customers'
financial data.
While credit unions and other financial institutions are subject to strict
standards and regulations on handling sensitive customer financial data,
Hunt wrote, “retailers and many other entities…are not subject to these
same standards, and they become victims of data breaches and data theft
all too often. While these entities still get paid, financial institutions
bear a significant burden as the issuers of payment cards used by millions
of consumers.”
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
