Credit unions responding to NAFCU's monthly Flash survey reported that merchants were the leading source of credit and debit card fraud attempts.
According to the association, fully 36% of card fraud attempts had their roots in a data breach at a retail merchant, followed by 34.7% caused by hackers, 31% caused by card processors and 21.4% caused by card owners.
The report also offered some statistics regarding the losses credit union suffered after two of the biggest card breaches, the one at the TJX corporation in 2007 and the other at Heartland Payment Systems in 2009.
TJX is the parent company of a number of popular retail brands, including TJ Maxx. Heartland is one of the largest card transaction processors in the country.
NAFCU member credit unions that participated in the survey reported that, on average, they had 6,104 card accounts impacted by the TJX breach and suffered over $34,000 in damage per CU.
The credit unions reported that they had 12,825 card accounts, on average, impacted by the Heartland breach with damages averaging $76,160 per CU.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
