Last year's cyberattack on US retail giant Target in which up to 40 million credit cards were compromised and up to 70 million names, email addresses, and phone numbers were stolen — has cost banks and credit unions more than $200 million.
The Consumer Bankers Association (CBA) and the Credit Union National Association (CUNA) have replaced 21.8 million cards, more than half of those compromised in the attack. The cost to CBA member banks has now reached $172 million, while credit unions have spent $30.6 million. Both figures have increased from original estimates of $153 million and $25 million respectively, and still don't take into account the cost of replacing cards for financial institutions that are not members of the Consumer Bankers Association or Credit Union National Association.
The Consumer Bankers Association and Credit Union National Association have replaced more than 20 million cards
Hackers were able to access Target's systems by stealing credentials from a contractor. Target has responded by fast-tracking new security policies, but The Wall Street Journal reported earlier this month that its own security staff may have been aware of vulnerabilities in the retailer's systems, but were "brushed off" when they requested the issue be fixed. The scale of the attack, and the sheer number of cards and customers affected, has propelled the issue of credit card security to the top of political agendas. In January, a new bill was announced that would ensure companies would have to inform their customers when their personal data had been compromised.