Heartland Payment Systems Inc, one of the nation’s largest payment processors, informed the public in January 2009 that tens of millions of debit and credit card accounts had been breached. Heartland then found itself facing 17 consumer class action complaints and 10 bank and/or credit union class actions. Heartland agreed to pay $4.7 million to settle consumer class actions, and recently settled with both Visa and American Express Travel Related Services Company, Inc. for almost $60 million and $3.5 million respectively. According to the Visa settlement, $59.2 million is available to Visa card-issuing banks for their costs associated with the data breach.
TIP: Companies that process credit card data should keep in mind that not only may they find themselves liable to consumers in the event of a data breach, but may also find themselves answering complaints brought by credit card companies as well. Proper security measures are thus all the more important.