Ninety-four percent of credit unions responding to an MCUL & Affiliates survey about the Target data breach said they have members who were affected by the breach.
The state survey drew responses from 84 of Michigan’s 293 credit unions in mid-January.
Nearly 92 percent of Michigan credit unions said that they had taken additional steps to communicate to their members about the breach and their options. Three-quarters of the respondents said that they automatically replaced potentially affected cards.
At some smaller credit unions, as few as 10 cards had to be replaced. Larger credit unions reported that more than 8,000 cards had been affected.
Most credit unions said they were not charging members for replacement cards. Some said to charge members would be to punish something that was not their fault.
“We feel we are protecting both member and CU from fraud losses,” one respondent wrote.
Slightly more than half of respondents said their members had not yet experienced fraud loss from the data breach. Two-thirds of respondents said their credit union had costs related to the data breach including increased call volume and staffing needs.
Respondents said their total costs ranged from less than $100 to as much as $200,000. Many credit unions said they didn’t yet know how much the data breach had cost them and others said they may never know.
Target Brands announced in December that between Nov. 27 and Dec. 15 – during the busy holiday shopping season – that debit and credit card information of about 40 million consumers had been compromised, a number that has grown to 70 million since. In addition, Neiman-Marcus announced a data breach to its system and Michael’s said its system may have also experienced a data breach.