Heartland Payment Settles With Visa Over Data Protection Breach

By Minara El-Rahman on January 12, 2010 | Last updated on March 21, 2019

Heartland Payment Systems Inc. is one step closer to getting behind a data protection breach that could have compromised over 100 million credit cards. Reuters reports that Heartland Payment Systems Inc. has agreed to pay Visa $60 million dollars as part of a settlement agreement regarding the data protection breach.

This settlement agreement shortly follows a settlement agreement that the payment processor made with American Express. The settlement amount between Heartland and American Express was $3.6 million dollars. The settlement amount for Visa is likely larger because Visa is the largest issuer of credit cards.

The breach in question occurred in 2008 when hackers managed to hack into the company's system in order to steal credit card information of millions of credit card holders.

We wrote about the class action lawsuit that was filed against Heartland our Common Law blog. That suit was filed by consumers over the company's handling of the data breach. However, as previously discussed, class action suit against Heartland was dismissed. The lawsuit was dismissed without prejudice (meaning it could be refiled if the complaint's defects are fixed). The court dismissed the class action on the grounds that plaintiffs failed to prove that Heartland executives knew that the company had inadequate security and misled consumers about it.

The settlements with credit card comapnies, on the other hand, involve losses incurred by credit card issuers because of the data protection breach. The settlements brokered between Heartland and the credit card companies are just the beginning. The company still needs to broker a settlement with credit card issuers Mastercard and Discover. Reuters quotes David Koning of Robert W. Baird as saying, "Two down, two to go." Stay tuned to see if and for how much the other two will settle with Heartland.

Related Resources:

Copied to clipboard