Another $5.4M Compensation by Heartland for Malware Infection

The fourth largest credit card payments company of the United States' "Heartland Payment Systems" has decided to disburse a US$5 million ($5.4 million) payment to its financial services client 'Discover' on the grounds of data breach caused by a malware infection.

A whooping amount of US$3.6 Million had been already paid by the payments processor to American Express over the same breach, whereas Visa settled to limit its compensation claims to US$59.2 Million.

The entire agreement amount has come from the $140 Million Heartland set aside to cover up the overheads associated to the breach. That sum comprises more than $26 million in lawful costs.

Remarkably, on January 20, 2009, the company proclaimed that unidentified attackers had penetrated its network's security and stole transaction data by means of malicious software. The attack was noticed during an internal inquiry driven by warnings sent by Visa and MasterCard, regarding fake activity on some credits cards processed by the company.

Afterwards, authorities stated that as many as 130 Million debit and credit cards data was stolen that made it the biggest ever breach related to payment card data.

Owing to this incident, Heartland was detached from both Visa's and MasterCard's lists of providers in mid-march. The company's subsidized banks have also been charged by both MasterCard and Visa as an end result of the attack, but though the Visa fines sum to under $1 Million, the ones charged by MasterCard represent above 50% of the $12.6 Million. The latter alleges that Heartland was unsuccessful to act correctly after learning of the breach, a claim that the company is determined to confront in court.

The attacks at Heartland and various other key retailers were afterwards traced to a bunch of cybercriminals headed by Miami-based Albert Gonzalez who was sentenced to 20 years federal prison in March (2010).

Commenting on this recent settlement the Princeton, N.J. based Heartland said that the agreement would clear out all issues amid the two companies, arising from the intrusion, as reported by The Security Pub on September 2, 2010.

Robert Carr (CEO, Heartland) said that this agreement marked their final settlement with a card brand linked to the attack, as reported by The Security Pub on September 2, 2010.

Related article: Another Worm Using Bush’s Theme Creeps Into PCs

» SPAMfighter News - 9/10/2010