Blog

Bottomless Breach

Last month Computerworld reporter Jaikumar Vijayan cited the total costs for the Heartland Payment Systems breach to be at about $140 million as of May 10th.

Last month Computerworld reporter Jaikumar Vijayan cited the total costs for the Heartland Payment Systems breach to be at about $140 million as of May 10th. Quarterly financial results released by Heartland last week show that the card payment processor has accrued $139.4 million in breach-related expenses. The figure includes a settlement totaling nearly $60 million with Visa, another of about $3.5 million with American Express and more than $26 million in legal fees. That total also includes $42.8 million that Heartland has set aside to fund proposed settlements with several other litigants over the breach. Well, if John Adams' Bank Technology News article is accurate, Heartland better round up some more money: As it continues to mop the financial fallout form its 2008 data breach, Heartland Payment Systems last week agreed to pay as much as $41.4 million to MasterCard issuers. The firm will fund the recovery efforts to settle loss claims by issuers associated with the breach. MasterCard, which recommends the offer be accepted, said the settlement is an “appropriate and fair” resolution for its issuing financial institution customers and will enable them to avoid protracted litigation. Clearly Heartland's financial losses aren't nearly where TJX ended up- a whopping $4.5 billion. And imagine if newer laws such as MA 201 CMR 17.00 were in place...! However, as I've said numerous times in these cases, the reputation damage is pretty much priceless.