Who’s To Blame for Data Security Breaches: Banks or Retailers?

The massive Target data security breach has sparked a debate between banks and retailers. Who holds most of the responsibility? The Target data breach impacted an estimated 40 million credit and debit card accounts in late November and early December. The data breach was so large that Congress has started holding committee hearings to determine what can be done to better protect consumers. With Congress investigating, the banks are pointing blame to retailers and the retailers are pointing blame to the banks. This AP article summarizes their arguments:

The retailers' argument: Banks must upgrade the security technology for the credit and debit cards they issue.

The banks' counterargument: Newer electronic-chip technology wouldn't have prevented the Target breach. And retailers must tighten their own security systems for processing card payments.

I thought a poll asking who’s to blame would be interesting.

As Congress, the banks and retailers try to determine what should change and who should pay for it, consumers will have to keep on top of their credit card and debit card accounts. Last month I reviewed some of the things consumers can do to reduce the risk of being a victim of a data breach.

Changes will be coming in the next few years. Both the banks and the retailers agree on the need for a national standard for notifying consumers on data breaches. Banks already have a plan to embed digital chips on debit and credit cards by the fall of 2015. These chips should provide more security than the current magnetic strips. They’re now common outside the U.S.