Newsroom

Another recent, massive data breach at the shoe seller Zappos.com provides another example of why – in NAFCU's view – all entities not just credit unions and other financial institutions should be required to comply with comprehensive data protection rules and standards.

The Washington Post reported Monday that a hacker gained access to Zappos network and systems, compromising personal data from up to 24 million of the company's customers.

The company, in a Jan. 15 email to its employees, said that payment card information was not compromised. However, names, phone numbers, billing and shipping addresses and the last four digits of customer credit cards may been accessed when hackers breached the company's systems.

Zappos has since communicated with customers and is encouraging them to change their account passwords.

NAFCU continues to seek enactment of a comprehensive data security measure. That bill should include provisions that would require merchants, retailers and other entities to adhere to national standards for keeping consumer information safe.