Heartland Payments Settles Breach Claims With Discover For $5 million

Register now

PRINCETON, N.J. – Cards processor Heartland Payment Systems last week agreed to pay Discover Financial Services $5 million to settle claims related to the company’s massive security breach in 2008.

Hackers installed spying software on Heartland's computer network in 2008, giving them access to data including account numbers, expiration dates and, in some cases, customer names on the systems that process Visa, MasterCard, American Express and Discover Card transactions. The company revealed the problem in January 2009.

Heartland previously had reached breach-related settlements totaling $114.7 million. That included a $3.5 million payment to American Express, $59.3 million in payments to Visa and several credit unions and banks, and $41.4 million to MasterCard and its credit union and bank issuers.

MasterCard last week said that it received enough support from card issuers to proceed with a $41.4 million settlement in the Heartland Payments Systems breach.

The separate settlements will not preclude dozens of credit unions and banks who did not accept the payments from pursuing their own claims against the payments processor.

Heartland was one of the victims of computer hacker Albert Gonzalez, a mastermind in the biggest identity theft in U.S. history who confessed to stealing tens of millions of payment card numbers from companies, including Barnes & Noble, Sports Authority, BJ Wholesale Club, Hannaford Bros. supermarkets and TJX retailers.

For reprint and licensing requests for this article, click here.