Heartland to pay out more for data breach
2010-01-12
Heartland Payment Systems is to hand out up to $60 million (£37.26 million) to issuers of Visa-branded credit and debit cards as part of a settlement agreement that covers losses they may have incurred following a data breach at the payments processor.
This deal is subject to particular conditions, including a certain level of participation by US Visa issuers, and Visa will present details of the settlement to eligible issuers in the near future.
Ellen Richey, chief enterprise risk officer at Visa, commented: "Helping financial institutions mitigate costs after a data security breach has been a long-standing component of Visa's security strategy, along with promoting new security technologies, preventing fraud and leading efforts to secure sensitive data across the entire payment system."
She believes that issuers will gain by participating in the settlement as it provides "an immediate recovery" in regard to losses they may have incurred from the Heartland data breach.
Meanwhile, Bob Carr, Heartland's chairman and chief executive officer, described the settlement as "fair".
He added: "We are also committed to helping issuers - as well as all stakeholders in the payment ecosystem - mitigate future risk."
The settlement is dependent on acceptance by financial institutions representing 80 per cent of the eligible issuers' US accounts that Visa believes were placed at risk of compromise during the IT intrusion.
This news comes not long after Heartland agreed to settle the consumer cardholder class actions consolidated in the United States District Court for the Southern District of Texas related to the data breach.
The payments processor said it would pay out a minimum of $1 million (£620,925) and up to a maximum of $2.4 million (£1.49 million) to class members who submit valid claims for losses that arose from the IT intrusion.
Heartland said it would also cover all costs related to the administration of the settlement.
Read more security news.
