Heartland Tries to Settle Breach Damages With MasterCard Issuers

[Jake Kouns <jkouns () opensecurityfoundation org>]

As it continues to mop the financial fallout form its 2008 data
breach, Heartland Payment Systems last week agreed to pay as much as
$41.4 million to MasterCard issuers.

The firm will fund the recovery efforts to settle loss claims by
issuers associated with the breach. MasterCard, which recommends the
offer be accepted, said the settlement is an “appropriate and fair”
resolution for its issuing financial institution customers and will
enable them to avoid protracted litigation.

In order for the settlement to become official, financial institutions
representing 80 percent of claimed-on accounts will have to accept the
deal by June 25, and waive their rights to future claims.
Heartland has already reached a $3.6 million settlement with American
Express and a $2.4 million settlement of a class action suit by
cardholders. The payment processor also came to a $60 million
settlement with Visa earlier this year, though that settlement led to
a lawsuit by five financial institutions against two Heartland
acquiring banks—Key Bank and Heartland Bank—claiming these banks share
responsibility for losses resulting from the data breach.

Computer hacker Albert Gonzalez was sentenced to 20 years in prison
earlier this year for crimes connected to the Heartland breach and
other online thefts.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php