Dozens of Valley Oak Credit Union debit cards were used during the weekend of April 9 and 10 to run up an undetermined amount of charges. Administrators and customer service representatives at the 7,000-member financial institution headquartered in Three Rivers were busy this week closing accounts and issuing new cards while trying to determine the exact extent and amount of the multiple thefts.
Alan Cortum, CEO, said in an interview Thursday, April 14, that at least 84 accounts had fraudulent charges that amounted to less than $10,000.
“It was a debit card compromise, and our system was not hacked,” Cortum said. “No personal data was obtained. Somebody got a hold of some card numbers, and we’re not sure how it happened.”
Cortum said it could take 10 months or more to analyze each transaction. Once Visa takes over the investigation, they search each transaction and try to identify a pattern and a point of origin.
“Sometimes a case like this one is never solved,” Cortum said. “If Visa determines that the effort is not worth the return, they simply pay the losses and move on.”
Eventually, we all pay, Cortum said, because the cost of the fraud is passed along to the member financial institutions and the consumer.
“The industry is currently changing to the EMV [Europay, MasterCard, Visa] chip-enabled cards and that will help,” Cortum said. “Tokenization is also being tested that could potentially make each use a separate transaction.”
A token use would not require personal information to be stored so there is less opportunity for fraud. Cortum concluded by saying that Valley Oak account holders are not liable for fraudulent charges and that the credit union’s system remains safe and secure.