Credit unions replying to CUNA's survey about damages from Target's data security breach reported that almost 14% of their debit and credit cards have been affected by the security lapse.
The major retail chain first alerted the public and card issuers that it had experienced a breach which has been estimated to include tens of millions of debit and credit cards on Dec. 19, 2013.
The association first posted the survey about the breach on its website Jan. 3, 2014 and it reported the first results on Jan. 22. At that point it reported 936 credit unions had responded. As of Feb. 5, that number had climbed to 1,112.
The credit unions reported that 9.3% of their outstanding debit cards had been compromised in the security failure and 4.3% of their outstanding credit cards. Seventy-nine percent of the responding credit unions reported they will reissue all the cards that had been compromised while 19% said they would likely reissue cards selectively.
Only 2% reported they would not reissue cards at all.
Using an estimate of 25% of the outstanding cards being reissued, CUNA estimated that 4.6 million cards were reissued because of the breach.
Twenty-seven percent of responding credit unions reported that the breach had caused call centers traffic to rise by more than 25% over normal, while an additional 39% reported that call volume had risen by at least 10% over normal.
Thirty-seven percent of the credit unions reported having to add staff to address compromised cards' impact.
Using an estimate of total costs of reissuing cards, additionally staffing parts of the credit union and notifying members of the beach, CUNA estimated that each compromised card has cost its issuing credit union $5.68. That suggests that, as a group, credit unions with compromised cards have had to pay $30.6 million, so far, for the breach.
And, that does not include any actual fraud losses that have not yet been tallied and which credit unions may experience in the future, CUNA explained.