Court tosses claims against Heartland Payment over breach

Dozens of separate lawsuits, on behalf of consumers and banks, were filed against Princeton, N.J.-based Heartland, which disclosed in January 2009 that its systems were breached. In June 2009, the U.S. Judicial Panel on Multidistrict Litigation decided the civil complaints against Heartland would be consolidated and heard in Texas, where Heartland's IT personnel are based. The cases were divided into two tracks, one for consumer plaintiffs and another for financial institution plaintiffs.

After more than two years of litigation, District Judge Lee Rosenthal earlier this month dismissed nine of the 10 causes of action brought forth as part of a class-action lawsuit by nine banks. The banks had claimed they incurred significant expenses when they replaced payment cards and reimbursed fraudulent transactions as a result of the breach.

The judge dismissed most claims, including breach of contract, negligence and violations under numerous state laws, noting plaintiffs failed “to state a claim upon which relief can be granted.” The plaintiffs were, however, given one chance to amend the dismissed claims.  

But Heartland was not completely successful in its bid to have the claims dismissed. The judge decided not to throw out a complaint that the payment processor violated the Florida Deceptive and Unfair Trade Practices Act, which prohibits “unfair or deceptive acts or practices in the conduct of any trade or commerce.”

Heartland had argued that the claim should be dismissed because only consumers can bring forth claims under the law. Rosenthal thought otherwise, but conceded in his ruling that “the question is a close one.”

The banks have until Dec. 23 to file a revised complaint. A status conference was set for Jan. 13.

A Heartland spokesman declined to comment about the ruling when contacted by SCMagazineUS.com on Tuesday.