HOUSTON, Texas (1/21/10)--Credit unions and banks that issued Visa payment cards compromised by the Heartland Payment Systems data breach, the largest in history, should carefully review the proposed settlement between Heartland and Visa, say three attorneys in the case. They filed a complaint Tuesday against Heartland's acquiring banks--KeyBank and Heartland Bank--in a Houston federal court that alleges they share responsibility for damages caused by the Heartland data breach. The attorneys, appointed by the court as interim co-lead counsels representing the proposed class of Visa issuers against Heartland in the pending class action lawsuit in Houston, are Mike Caddell of Caddell & Chapman, Richard Coffman of the Coffman Law Firm and Joe Sauder of Chimicles & Tikellis. They say the proposed settlement has four weaknesses:
* It may offer little compensation to payment card issuers; * It gives credit unions and banks little time to decide whether to participate; * It releases Heartland and other parties from liability; and * It is being touted for reasons that "are not entirely accurate."
Credit unions and banks received notice of the proposed settlement on Jan. 14 and have until Jan. 29--roughly 15 days--to decide whether to participate in the settlement, which "is not as generous as Heartland and Visa want you to believe," the attorneys said in a press release. "There were over 86 million Visa payment cards compromised by the data breach," said Caddell. "Once a financial institution factors in the costs it incurred to cancel and reissue the payment cards and the unauthorized charges it was forced to absorb, its share of the settlement most likely will be pennies on the dollar," he added. The settlement releases KeyBank and Heartland Bank from potential liability for breach damages "although they contributed little to the settlement," said Coffman. Most of the settlement funds are provided by Heartland. The two banks have more than $98 billion in assets combined that could be tapped as "additional sources of money to compensate the issuers for their damages," Coffman said. Sauder said that in Visa's informational webinars about the settlement, issuers were told the settlement is similar to that of the TJX Cos. data breach settlement, where roughly 97% of the financial institutions elected to participate. But the TJX settlement occurred late in the case at a "very different stage in the litigation," Sauder said. The court had issued opinions denying the issuers' motion for class certification and narrowing their legal claims, which meant "there was no viable alternative for the issuers but to accept the settlement or file individual lawsuits," Sauder said.The TJX case produced more than 500,000 pages of documents. In the Heartland case, "it is early in the case and there has been no formal discovery," and the facts of the cases are different. "In our view, the proposed Visa settlement clearly is designed to circumvent the safeguards inherent in the judicial process," Sauder said. In the end, Caddell said, each financial institution must perform its own cost/benefit analysis to determine whether to accept or reject the settlement. "While we intend to continue to vigorously pursue our cases against Heartland and its acquiring banks to maximize the recovery for financial institutions, litigation is uncertain at best, and there are risks associated with all cases," Caddell said. The three interim co-lead counsels will conduct conference calls for financial institutions on Jan. 22 at 3 p.m. EST, Jan. 25 at 3 p.m. EST, and Jan. 26 at 10 a.m. EST. For more information, use the links.