Banks or Retailers, Who Will Pay Cyber Attack Bills?

Cyber attacks are becoming a major problem. They affect two main sectors, banking and retail. Banks are preparing for a legal battle with retailers over who will cover the costs of cyber attacks going forward. This comes after two major security breaches at retailers Home Depot and Target which affected nearly 100 million credit cards. The breach at Home Depot cost community banks and credit unions almost $160 million to find and replace affected cards. It cost Home Depot itself $62 million. Banks covered most of the damages, but it was deficiencies in the retailer's security systems that allowed the hackers to retrieve customer data. The National Association of Federal Credit Unions has stated that "the weak link in the system today is on the merchant end". Major banking organizations such as The Consumer Bankers Association and Clearing House, have come together to urge lawmakers to force retailers to cover the costs. On the other hand, retailers have refuted these claims. They are also gearing up for a legal battle, trying to prove to Congress that they share the costs equally with banks and that they contribute to the cost of reissuing cards Going forward, if retailers are held liable for covering the costs, it may put increased pressure on that sector, as they are the most vulnerable to hacking. To counter this, we will definitely see more emphasis on cyber security on the retail side. It would be beneficial if banks would expand their efforts to share its data security services with retailers, so both would be on the same page when it comes to data security.

  • William Zhou