The Agency Insider with Linda McGlasson

Heartland Heads to the Finish Line

Heartland Heads to the Finish Line

Last summer at this time, payments processor Heartland Payment Systems was sweating under the spotlight turned on by the historic Heartland data breach -- the largest such incident ever reported. Heartland and its leaders faced glaring scrutiny from everyone in the financial services industry. There were lawsuits from investors, consumers, banks and credit unions. Even its CEO faced stern questions on Capitol Hill by a Congressional committee looking into the payment processor's data breach.

A year later, the Heartland breach has been solved - hacker Albert Gonzalez has been sentenced to 20 years in prison for masterminding the attack. Heartland has emerged as a leading voice in the industry-wide call for improved payments security. And CEO Bob Carr now has the opportunity and perspective to discuss leadership under fire, and how he helped the company emerge from its disaster.

Will banking institutions end up holding the bag when the last class action suit is decided? 

The one remaining hurdle for Heartland is located in a courtroom in Houston, Texas, where U.S. District Judge Lee Rosenthal presides over the last remaining class action suit. Already, the settlement fines have been paid by Heartland to the credit card companies impacted by the breach. An investors' lawsuit was overruled. The consumer class action suit has been settled, at least in principle. All now that remains of the multi-million dollar data breach are the loose strings of a class action suit brought against Heartland and its two acquiring banks, Heartland Bank and Key Bank, by financial institutions affected by the breach.

To those who may not be familiar with Judge Rosenthal, she appears to have depth of knowledge in the information technology issues and the laws that will likely decide this case. Judge Rosenthal gave an interview on e-discovery back in 2007, calling it one of her "favorite topics in the world." This coming from a judge is interesting, to say the least, and means there won't be much that will get by her when she is writing her decision on the class action's motions.

For the untold, unnamed thousands of financial institutions that were affected by this breach, Rosenthal's decision is crucial. Will the institutions end up holding the bag, so to speak, in terms of the costs they incurred in handling the card data breach, card replacement, fraud losses and the ensuing customer confidence issues? Or will Heartland be found responsible for the insecurity that allowed Gonzalez and his criminal crew to steal card data from its systems? These questions all will be answered by Judge Rosenthal, when she renders her opinion.

In the meantime, the summer is long, hot and full of the possibilities that maybe even a bigger, badder data breach is out there waiting to be discovered.



About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.