Skip to content

    NACS is Working to Protect the Convenience Industry in Data Breaches

    It's unfortunate to admit but with past legislation, many C-Stores were left on the hook for crimes not caused by themselves. Recent years saw many convenient stores covering for issues caused by processing companies and credit consolidators like Equifax. These issues, mainly data breaches, cost millions of dollars to consumers and business owners when they happen. The tides are shifting and current legislation has made small businesses more of a priority by holding big processors accountable. 

    C-Stores produce nearly 160-million transactions per day and record 80-percent of all of the gasoline sales in the United States. This comes out to a total of around 616-billion dollars each year in revenue. It is safe to say that this is a large industry in the United States and one that needs more protection for business owners. 

    Data Breach Statistics - 

    • 59% of data breaches involve a person's identity and financial information. 16% also involves the financial information of businesses.
    • From 2015 to 2016, over 978-million data records were lost due to data breaches and the loss of of people's identity information.
    • 45% of all data breaches take place in the business sector.  
    • These breaches have resulted in over 24.7-billion dollars in losses. 
    • There is a new identity theft victim every 2-seconds. 

    Back in 2017, Equifax had a data breach in which they lost 147-million people's data due to a breach. Equifax claimed that no one was affected by the loss, and also stated that it had no obligation to safeguard people's personal information such as social security cards and debit/credit card information. This massive debacle was headlined by thousands of lawsuits, with some taking aim at the businesses they purchased goods from. In total, victims sought nearly 600-million dollars from Equifax and retailers. Currently, in 2019, Equifax reached a settlement to pay out 575-million dollars to people affected by the data breach, as well as, inform them of any ongoing situations. 

    Why Is This Important?

    In prior legislation processors, banks, and card networks could push the obligations of informing victims of a breach, on retailers. These financial businesses could be exempt from all obligations to protect individual's information and leave retailers to pick up the pieces. In most instances, a lawsuit or settlement is involved when it comes to a breach of personal information. This costs retailers millions of dollars in lawyer fees and punitive damages, all of which, cripples businesses and helped result in a decrease of C-stores by 12-percent in 2016. Not only were retailers facing costly expenses from lawsuits, but harsh penalties from government entities if they did not give proper warning to their customers. 

    NACS' Solution -

    NACS is a coalition of different C-Stores who look for better legislation that favors their business. When Equifax left retailers out to dry, NACS was on Capitol Hill trying to correct legislation and provide better protection for retailers. NACS promotes reasonable standards for financial institutions to follow that hold them accountable and liable for any penalties that come from a breach of security. NACS also advocates for a federal law, enforced by a government entity, that predicates any state laws and reduces penalties on businesses who have not been notified of a breach. NACS seeks what all retailers want, and that's for the correct group to be held responsible. Usually, these financial institutions gain favor with groups like The Federal Trade Commission, but the narrative is shifting and retailers are getting the representation they need.

    Sources: Amanda Bronstad, Patrick Gleeson, Rebecca Lake, and