RSS Alerts

Share

More services

Related Stories

  • Premium pricing
    Infosecurity failures can cost millions, but many insurers are reluctant to take the risk, says Danny Bradbury
  • Face-off in Oxford
    Britain’s oldest university has become a flashpoint for students’ use of social networking and privacy, while companies debate whether to block or encourage Facebook and its rivals. SA Mathieson reports
  • Data Breach Spring
    Infosecurity’s Drew Amorosi examines three data breach incidents from the past few months that, by their nature, keep security vendors in business, regulators busy, and CISOs up at night. Find out why industry observers think this rash of massive breaches could lead to a ‘PCI for consumer privacy’
  • When Trust Is Not Enough: Examining Insider Threats
    Whether perpetrated by means of sleek corporate spying or dim-witted neglect, odds are that your insider threats will go undetected for an uncomfortable amount of time unless you play your hand correctly. Drew Amorosi investigates some of the common causes of internal data leaks and reveals its many faces
  • T-Mobile confesses guilt over customer data theft
    In what some communication security experts are calling a classic data theft resulting from one or more rogue employees, T-Mobile has admitted its staff sold private details of customers to a third party for use when selling mobile phone deals.

Top 5 Stories

News

Heartland breach generates storm of lawsuits

05 March 2009

Embarrassment over the massive data breach suffered by Heartland Payment Systems has turned out to be only the start of the firm's problems. The company, which announced the potential compromise of an as-yet undisclosed number of card records, is now on the receiving end of lawsuits from at least eight banks and credit unions.

Chimicles and Tikellis is one attorney that has filed suit against the company, on behalf of Amalgamated Bank, Matadors Community Credit Union, GECU, MidFlorida Federal Credit Union, and Farmers State Bank. The companies are claiming expenses to cover the cost of reissuing bank cards, along with reputational damage.

"The complaint raises claims for common law negligence, breach of contracts to which plaintiffs and class members were intended third party beneficiaries, breach of implied contract, violations of the New Jersey Consumer Fraud Act, negligence per se, and negligent misrepresentation," said the legal firm in a statement.

Other firms filing suit include Sohmer & Stark LLC, and Lone Summit Bank.

The card payment processor has still not admitted how many credit card records may have been compromised in the breach, which it discovered after credit card companies tipped it off. The breach occurred following the installation of malicious software onto its systems. It has expressed concern that card numbers, expiration dates and other data from the card’s magnetic stripe may have been exposed. In some limited cases, cardholder name information may also have been compromised.

"The investigation by forensic auditors is still underway, and we simply do not have that information. The media reports of numbers of potentially compromised accounts have been speculative," it said in a statement.

At the time of writing, the latest press release on the breaches from the payment processing company was dated 27 January and was more than a month old. It stated that the firm had begun working on end-to-end encryption systems to mitigate further risk.

This article is featured in:
Data Loss  • Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012