Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
Court dismisses Heartlands acquiring banks from breach suit
HOUSTON, Texas (4/17/11)--A U.S. District Court in Houston, Texas, has dismissed two acquiring banks as defendants in a lawsuit brought by four credit unions and a bank related to the 2008-2009 Heartland Payment Systems' data breach. However, the court suggested that the complaint against one bank be transferred. U.S. District Judge Lee H. Rosenthal of the Southern District of Texas rendered the decision on March 31. Heartland's two acquiring banks--Heartland Bank and KeyBank N.A.--process payments for the merchants who make credit-card sales. They hired Heartland as their processor. In a credit card transaction, acquiring banks contact the card-issuer banks to clear the transaction if there is enough credit in the consumer's account. The four "issuer banks" who brought the suit are Lone Star National Bank, N.A.; PBC CU, based in West Palm Beach, Fla.; O Bee CU, based in Tumwater, Wash.; Seaboard FCU, Bucksport, Maine; and Pennsylvania State Employees CU, Harrisburg, Pa. They sued the banks for breach of contract, breach of fiduciary duty, and negligence based principally on the banks' alleged failure to monitor the security of the card processing system's database and ensure the card processor complied with the Payment Card Industry Data Security Standards. Heartland Bank, based in Clayton, Mo., and KeyBank, based in Ohio, both moved to dismiss the case for failure to state a claim on which relief can be granted. Heartland Bank also moved to dismiss for lack of personal jurisdiction in the state of Texas. The court granted Heartland's motion to dismiss on the first point, but concluded "that transfer [of the case from Texas to another court jurisdiction], not dismissal, is the appropriate remedy." Ohio-based KeyBank's motion was also granted, "with prejudice as to the negligence claim and without prejudice as to the remaining claims." The breach, which was announced by New Jersey-based Heartland Payment Systems in January 2009, is the largest data breach on record, with more than 130 million credit and debit cards compromised. As a result, many financial institutions, including credit unions, had to reissue their member/customers cards to prevent fraudulent charges. Many saw fraudulent charges on cards. Multiple lawsuits prompted by the hacking were consolidated into two tracks: one for consumers whose card numbers were accessed, and one for financial institutions that issued the cards that were compromised in the hacking. The financial institution track lawsuit involves two complaints: one against Heartland Payment Systems, and one against the two acquiring banks. A status conference on the case was scheduled for April 18.


RSS print
News Now LiveWire
Louise Herring's birthday is Saturday. 105 years later, her legacy lives on through her kids http://t.co/oMqGADmo0d http://t.co/T3NmS9NqEY
46 minutes ago
#Creditunions in PA and NJ hosted retirement fairs this week @PCUA and @NJCUL report.
1 hours ago
.@TheCCUL's Radebaugh suggests 2nd #RBC comment period in letter to @TheNCUA #NewsNow http://t.co/RylFuynT6g
2 hours ago
#NewsNow today Herring legacy carried forward with merger http://t.co/oMqGADmo0d
3 hours ago
.@MICreditUnions-supported electronic lien titling bill unanimously passes Assembly, on way to Senate http://t.co/6He1JG2ucr
4 hours ago