Politicians and trade groups renewed their call for more to be done in the wake of the Target data breach after the company said Friday that far more damage may have been done than originally reported.
The Minneapolis-based retailer announced that personal information such as emails such as mailing addresses, phone numbers and email addresses, were also compromised when the card data was apparently hacked between Black Friday and Dec. 15.
As many as 70 million people may have had their data stolen, up from an earlier estimate as 40 million debit and credit accounts that were compromised, the company said in Friday’s announcement.
The company’s announcement noted that it was offering identity theft protection and free credit reports to affected consumers and that Target shoppers would not be held personally liable for card losses.
NAFCU responded Friday by renewing its call for congressional action on data security.
“The latest revelation of compromised consumer records well illustrates NAFCU’s case for setting a statutory requirement for merchants’ protection of consumer data. Merchants and big-box retailers must be accountable for data breaches originating on their end,” President/CEO Dan Berger said in a statement.
“Credit unions and other financial institutions aren’t the problem. There are ample rules in place to ensure data protection standards at financial institutions. Still, consumers and small financial institutions – including credit unions – are picking up the tab for retailers. Until a legislative fix is put in place, consumers’ sensitive financial and personal data will continue to be at risk.”
Sen. Patrick Leahy (D-Vt.) on Wednesday reintroduced a bill that would create a national standard that businesses would have to follow for informing customers about a security breach. It would also require companies collecting personal information from customers to meet certain data protections standards.
New York’s attorney general, Eric T. Schneiderman, also put out a statement following Friday’s announcement.
“The news that Target has discovered a breach involving 70 million customers is deeply troubling. Consumers in New York and around the country expect and deserve companies that protect their personal information when they shop on their websites and in their stores,” he said.
“That is why my office is participating in a national investigation into this breach, why I pressed Target to provide free credit monitoring for the 40 million Target customers identified last month, and why I insist it extends the same service to every new victim,” his announcement said.