Skip to main content

New Settlement Agreement in Heartland Breach

And the cash register continues to ring with respect to the Heartland Payment Systems Inc. breach.

Heartland disclosed last week in a filing with the Securities and Exchange Commission that it has agreed to pay a maximum of $60 million to Visa Inc. and Visa card-issuing banks to settle claims arising out of the massive payment card data breach last January.

The proposed settlement is conditioned on 80% of eligible banks accepting the settlement offers. Under the agreement, some $59.2 million of the maximum settlement amount would be available to pay Visa card-issuing banks for their costs associated with the data breach. An additional $780,000 would be used to clear fines related to the breach collected by Visa from banks. According to the agreement, settlement offers will go out to eligible Visa-issuing banks next week and must be accepted by January 29.

More information: The full text of the Settlement Agreement

Subscribe To Viewpoints


Cynthia J. Larose

Member / Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.