Heartland Payment Systems faces a class action lawsuit from
investors who claim they lost money followinga breach of its debit
and credit card processing systems in 2008.
The company revealed on 20 January that its systems had been
compromised by hackers, exposing card account numbers, expiry dates
and data from the card's magnetic stripe.
Heartland said in a small number of cases cardholder names were
also potentially at risk, but no personal identification numbers
had been exposed.
An investor has filed a proposed class action in the US district
court of New Jersey on behalf of all other investors in Heartland
between August 2008 and February 2009.
The complaint alleges that Heartland issued false or misleading
statements and failed to disclose material adverse facts about its
business, operations and prospects during that period.
Heartland's shares during that period also declined from $21.84
per share, or approximately 80%, from its high of $27.19 per share
in September 2008.
Heartland is also facing sanctions from Visa over the data
breach.
Visa has removed Heartland from its list of processors certified
under the
Payment Card Industry Data Security Standard (PCI DSS),
according to the
Internet
Retailernews site.
Heartland says it continues to process Visa transactions as it
works to restore its PCI certification, which it expects to achieve
by May.
MasterCard has not taken any action against Heartland over the
breach, Heartland says.
United Bank in the US has re-issued a significant number of
debit cards and a moderate number of credit cards because of a
security breach at Heartland.
The bank said it could not disclose exact numbers because of
privacy concerns, according to the
Charleston
Daily Mail.
United Bank said it had received no details of customers
affected by the breach from Heartland, but it has re-issued cards
to all customers that appear on a list compiled by Visa.
Heartland has not disclosed the number of credit card details
exposed by the intrusion, but the firm handles about 100 million
transactions a month.
In light of these numbers, the Heartland data breach could far
exceed the 45 million identities stolen from nine US retailers
including TJX in 2007.
Get
credit card processing quotes with BuyerZone.