CUNA Mutual Group issued the following announcement on Dec. 4.
WASHINGTON–In the wake of the data breach involving Marriott hotels, NAFCU has sent a letter to members of the House Financial Services Committee and the
Senate Banking Committee that reiterates its call for a national data security standard for entities that collect and store consumers’ personal and financial information.
The Marriott breach involves as many as 500 million people and includes personally identifiable and financial information, although, as CUToday.info reports elsewhere, it may not be financial account and Social Security numbers that the thieves find most valuable.
All such entities should be subject to the same stringent requirements as depository institutions, said NAFCU.
“While it may not help the millions of Americans that have been victimized by this breach, the time for Congress to act is now to prevent future breaches and harm to consumers,” the letter reads. “We would urge the Committee’s continued focus on this important topic and the need for addressing consumer data security issues in the remaining days of this Congress and in the new Congress.”
In its letter, NAFCU again pointed to a set of guiding principles it would like to see used in addressing any comprehensive cyber and data security effort. Those principles include:
Payment of Breach Costs by Breached Entities
National Standards for Safekeeping Information
Data Security Policy Disclosure
Notification of the Account Servicer
Disclosure of Breached Entity
Enforcement of Prohibition on Data Retention
Burden of Proof in Data Breach Cases
Original source can be found here.