CCUA: Data Breach Survey

50% of survey complete.

Question Title

* 1. Credit Union Name:

Question Title

* 2. Please enter the number of outstanding debit and credit cards your credit union currently has issued. If you do not offer a card type, please enter 0.

Number of DEBIT Cards

Number of CREDIT Cards

Question Title

* 3. Have you been notified by your processor or network that any of your members’ cards have been affected by the Home Depot breach?

Yes

Question Title

* 4. Were you notified how many cards were affected?

Yes

Question Title

* 5. How many debit and credit cards were affected? If none, or you don’t offer this card type, enter 0.

Number of DEBIT Cards affected

Number of CREDIT Cards affected

Question Title

* 6. Has your credit union reissued, or do you plan to reissue new replacement cards?

We do not plan to reissue any cards

We will/have selectively reissue(d) some cards in response to member requests or other factors

We will/have reissue(d) all affected cards

Question Title

* 7. Has your credit union had to increase staffing (via overtime, additional shifts, etc.) as a result of the Home Depot breach (responding to member inquiries, account monitoring, freezing, or closing affected accounts, etc.)?

Yes

Question Title

* 8. Please estimate the total costs to your credit union related to CARD REISSUANCE, FRAUD, and ALL OTHER COSTS (additional staffing, member notification, account monitoring, freezing or closing accounts, etc.) as a result of the Home Depot breach. If unable to estimate, enter 1.

Costs related to CARD REISSUANCE ($):

FRAUD costs ($):

ALL OTHER costs resulting from the breach ($)

Question Title

* 9. In the first few weeks after the breach was announced, how much has call volume been affected by members asking about the Home Depot breach, compared to normal levels for this time of the year?

Call volume is up by less than 10%

Call volume is up by between 10% and 25%

Call volume is up by between 25% and 50%

Call volume is up by between 20% and 100%

Call volume is up by more than 100% (it has at least doubled)

Question Title

* 10. Has you credit union been reimbursed for any costs related to last year’s Target data breach?

Yes

My CU had no cards affected by the Target breach

Question Title

* 11. There has been considerable discussion surrounding card issuers being reimbursed by retailers for losses relating to data breaches. Do you support this concept?

Yes

Question Title

* 12. How do you think the reimbursement should be determined?

Costs related to reissuing cards

Fraud related to breaches

WHATEVER ELSE (reputation risk)

ALL OF THE ABOVE

Question Title

* 13. While card reissuing costs could be tracked, do you believe your credit union could accurately determine which breach a fraud loss occurred from?

Yes

Not sure

Question Title

* 14. Would you support a “fine” system for retailers?

Yes

Question Title

* 15. Do you believe the Networks (Visa/MC) are currently utilizing all of their tools to fine retailers?

Yes

They need to do more

Question Title

* 16. Do you believe retailers should be held to the same data security standards that financial institutions are?

Yes

Question Title

* 17. What is your biggest challenge in notifying members of a breach?

Not having accurate information on where the breach occurred

Takes too long to get the identity of the breached retailer

Limited on what we can tell members regarding a breach

Question Title

* 18. Many credit unions are moving to ApplePay and other mobile payment services. Is your credit union considering offering members such a service?

Yes

Not sure at this time

Question Title

* 19. Do you believe mobile payment services such as ApplePay will reduce credit/debit fraud?

Yes

Not sure

Question Title

* 20. Are you concerned about losing interchange income if mobile payments continue to grow?

Yes

Yes, but believe it will be offset by less fraud

Not sure at this time

Question Title

* 21. Do you believe consumers are becoming desensitized to data breaches given the number of breaches?

Yes

Not sure