Missouri U.S. Senator Claire McCaskill (D) helped draw attention to who pays the price when data breaches take place – and public confusion about the issue.
“I don’t think people understand… a lot of the costs associated with this breach – in fact, the majority of them – fall to credit unions and local banks instead of Target,” says McCaskill.
McCaskill questioned retailers during a Senate Commerce Committee hearing on March 26, arguing that companies collecting consumers' personal information are not held financially responsible for the total costs associated with their failure to protect it.
“I think most Americans thought [Target was] covering all the costs of this,” says McCaskill. “I don’t think, when you said, ‘we’re going to make sure no customer loses a dime,’ I don’t think they realized that most of the dimes were being paid by somebody else in the first place.”
McCaskill also pointed out the direct cost of the Target data breach to financial institutions, in comparison to retailers’ actual costs. “The estimate to the banks and credit unions is about $200 million, and those are costs that are not optional to them, correct? That’s them having to reissue the cards and bearing the costs of doing that.”
Witnesses included representatives from the Federal Trade Commission, Target, Visa and others. The hearing examined the risks of recent data breaches to consumers, the current lack of federal data security protections, and several data security bills pending before the Commerce Committee.
Missouri U.S. Senator Roy Blunt (R), who is a member of the Commerce Committee with McCaskill, also attended the hearing. Senator Blunt is the lead Republican on S. 1927, the Data Security Act of 2014, which addresses data breach security concerns.
Data security and the need for Congressional action was a primary topic of discussion when credit union leaders from Missouri met with staff members for Senators McCaskill and Blunt during the Credit Union National Association’s Governmental Affairs Conference on February 26 and 27. The Missouri Credit Union Association provided survey information about the impact of the Target data breach and the Schnucks grocery store data breach on credit unions in Missouri.
Caption: Senator McCaskill during the Senate Commerce Committee hearing on March 26.