Newsroom

Information from about 567,000 payment cards may have been exposed in a data breach at the Cheddar's Scratch Kitchen restaurant chain between Nov. 3, 2017, and Jan. 2. As more data breaches occur, NAFCU – a leading advocate for national data security standards – continues its push for the adoption of data and cybersecurity standards for all entities that hold consumers' information.

Cheddar's is owned by Darden Restaurants Inc., which said affected restaurants span 23 states, including Alabama, Arizona, Arkansas, Delaware, Florida, Illinois, Indiana, Iowa, Kansas, Louisiana, Maryland, Michigan, Missouri, Nebraska, New Mexico, North Carolina, Ohio, Oklahoma, Pennsylvania, South Carolina, Texas, Virginia and Wisconsin. The system has since been disabled and replaced.  

NAFCU has been active with lawmakers since the massive 2013 Target data breach stressing the need for a legislative solution to reform the nation's data security system. The association has also shared with Congress principles credit unions would like to see addressed in any comprehensive cyber and data security legislation.

NAFCU remains a leading advocate on this issue and is working to ensure that all entities that hold or collect consumers' personal financial information are held to similar standards as credit unions.