The Credit Union National Association (CUNA) recently collected data from over 500 credit unions regarding the Home Depot data breach. The survey sought to uncover the various effects of the breach – from numbers of affected customers to the total cost to each credit union. The findings paint a clear picture: When it comes to data breaches, credit unions are shouldering a large part of the burden. Here are some of the key takeaways of the survey:
Most credit unions were affected
91.8% of responding credit unions were notified that their customers had been affected, accounting for 11.4% of all issued debit cards. In total, an estimated 6 million credit union debit cards were affected.
Those huge statistics become even more astonishing when one considers that these are the results of a single data breach. Other notable recent breaches – such as Target’s – had similar (though less widespread) effects.
Staffing became a top priority
When a large number of customers were affected by – or even heard about – the Home Depot data breach, they picked up the phone and called their credit unions. As a result, 36.6% of credit unions reported having to increase staffing to field the inquiries and perform basic customer service functions. Over 50% of credit unions responding to the survey indicated their call volume increased by 10% or more. A staggering 20% noted that call volume increased by 25% or more.
Card reissuance costs quickly added up
When an estimated 7.2 million cards need to be reissued by credit unions, you can bet the costs are significant. Removing other costs and averaging credit union respondent data noted an average cost of $2.64 per affected card.
Fraud took hold
The average cost of fraud based on survey respondents was $4.89 per affected card. The total cost of that fraud is compounded by the fact that reimbursement can take months to occur, meaning the credit union is left to foot the bill until that time.
All told, the report estimates the total cost of the Home Depot data breach to credit unions at $57.4 million. That number does not take into account costs associated with closed accounts, negative brand perceptions generated by the breach, or related increases in marketing costs. As large brands struggle with data security, institutions like credit unions bear a disproportionate amount of risk by simply conducting business as usual.
The future may offer hope as more companies implement secure file-sharing and collaboration software, as well as more secure environments for data. These tools reduce the risk of a data breach and the costs associated with remediation. That added security trickles down to credit unions and, ultimately, to customers.