Heartland settles with MasterCard over data breach

Heartland will pay out up to 41.4m in reimbursement expenses to MasterCard issuers
Heartland will pay out up to 41.4m in reimbursement expenses to MasterCard issuers

MasterCard and Heartland agreed to the payment arrangement in which the card processor will fund up to 41.4m in reimbursement expenses claimed by MasterCard’s issuers affected by the data breach. The deal is contingent on acceptance by at least 80% of the card issuers.

Bob Carr, chairman and CEO of Heartland, said: “We are pleased to have reached an equitable settlement agreement that helps issuers of MasterCard-branded cards obtain a recovery with respect to losses they may have incurred from the intrusion.” The statement from Heartland also suggested that MasterCard would recommend its card issuers accept payment offers from the agreement.

Heartland had previously settled similar cases with American Express and Visa.

“We feel that this settlement represents an appropriate and fair resolution for our issuing financial institution customers and will enable them to avoid uncertainties and delays associated with potentially protracted litigation," said Wendy Murdock, chief franchise officer for MasterCard Worldwide, in a press release statement. "The agreement underscores MasterCard's continuing efforts to maintain the integrity of payment card industry standards and mitigate the impact of account data compromise events."

The well publicized data breach occurred in 2008 when hackers compromised Heartland’s systems and made off with more than 100 million credit and debit card numbers processed by the company. One of the hackers, Albert Gonzalez, is currently serving a 20-year sentence related to the event, the stiffest such penalty ever handed out by a US court for a hacking-related incident.

What’s Hot on Infosecurity Magazine?