Heartland Breach: Consumer Settlement Proposed

[security curmudgeon <jericho () attrition org>]

http://www.bankinfosecurity.com/articles.php?art_id=2498

Heartland Breach: Consumer Settlement Proposed
$4 Million Deal Would Cap Individual Claims at $10K
May 6, 2010 - Linda McGlasson, Managing Editor

A proposed settlement of the consumer class action suit brought against 
payments processor Heartland Payments System got preliminary approval from 
a U.S. District Court judge in late April. The proposed settlement would 
create a $4 million pool to pay consumers and settle the case.

The Heartland data breach impacted an estimated 130 million credit/debit 
cards -- the largest such incident ever reported.

In a "fairness hearing" on April 27, U.S. District Court Judge Lee 
Rosenthal heard from both sides of the class action suit. Several class 
action suits brought by consumers from around the country were collected 
into one case in September 2009. The case was heard in the Southern 
District U.S. Court in Houston, TX.

The class action suit alleged that Heartland failed to adequately protect 
consumers' personal financial information and violated the Fair Credit 
Reporting Act. It charges Heartland was negligent, and that constituted a 
breach of express and implied contract, violating various states' data 
breach notification statutes and consumer fraud and deceptive and unfair 
trade practices acts.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php