Heartland settles with Visa; funds to go to issuing banks
Heartland Payment Systems and Visa have agreed on a $60 million settlement related to the payment processor's record-breaking data breach, revealed one year ago.
The money will be used to reimburse Visa's issuing banks for costs associated with the incident, according to a joint statement released Friday.
Ellen Richey, chief enterprise risk officer at Visa, said the settlement will provide "an immediate recovery" for the issuers.
"Helping financial institutions mitigate costs after a data security breach has been a longstanding component of Visa's security strategy," she said.
Kristen Mathews, head of the Privacy & Data Security Group at New York-based law firm Proskauer, told SCMagazineUS.com on Friday that the banks will use the money to offset the cost of reissuing cards. In addition, the funds will go toward reimbursing the banks for any incidents of fraud that customers experienced.
"It's exactly what happened in the TJX breach," Mathews said.
In December, Heartland agreed to pay American Express $3.6 million under a separate settlement. Settlements with MasterCard and Discover are still outstanding.
Eighty percent of the issuing banks believed to have been affected by the Heartland branch must accept the terms of the Visa deal. In addition, the card brand will credit the fines against Heartland's acquiring banks, which Visa already has imposed, as part of the $60 million.