During the busiest shopping time of the year – the period between Thanksgiving and Christmas – Target, one of America’s largest retailers, suffered the second biggest data breach in US history as 40 million credit and debit cards were compromised. Americans assume that when they shop their personal financial information will be kept private and away from identity thieves. Unfortunately, that is not always the case evidenced by the more than 4,000 data breaches that have been reported since 2005, an average of more than one a day over the last nine years.
Consumer advocates hope that the scale of the Target data breach will serve as the impetus for much needed credit card security reform. The time for change is now. Although consumer’s financial information will never be 100% secure, there are things that can be done. Retailers can use advanced encryption technology and more secure firewalls. Credit card companies can encourage the use of “Chip and PIN” technology in their credit cards. Our politicians can pass legislation establishing a national data breach notification standard and urge the Obama Administration to explore incentives and penalties to encourage private sector businesses to better protect consumer data. These changes will not happen without pressure from consumers.
This week, a group of Democratic Senators requested that the Senate banking Committee hold hearings to examine cybersecurity practices. The letter, written by Senators Robert Menendez (D-NJ), Mark Warner (D-VA), and Charles Schumer (D-NY) stated, “We believe it would be valuable for the Committee to examine whether market participants are taking all appropriate actions to safeguard consumer data and protect against fraud, identity theft, and other harmful consequences, and whether we need stronger industry-wide cybersecurity standards.”
Changing and improving security standards will inevitably cost time and money. No one wants to foot the bill for needed innovations. Our lawmakers must capitalize on the current consumer awareness of the need for better cybersecurity and hold a congressional hearing to determine how businesses can better protect consumer data.