Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
Court dismisses Heartlands acquiring banks from breach suit
HOUSTON, Texas (4/17/11)--A U.S. District Court in Houston, Texas, has dismissed two acquiring banks as defendants in a lawsuit brought by four credit unions and a bank related to the 2008-2009 Heartland Payment Systems' data breach. However, the court suggested that the complaint against one bank be transferred. U.S. District Judge Lee H. Rosenthal of the Southern District of Texas rendered the decision on March 31. Heartland's two acquiring banks--Heartland Bank and KeyBank N.A.--process payments for the merchants who make credit-card sales. They hired Heartland as their processor. In a credit card transaction, acquiring banks contact the card-issuer banks to clear the transaction if there is enough credit in the consumer's account. The four "issuer banks" who brought the suit are Lone Star National Bank, N.A.; PBC CU, based in West Palm Beach, Fla.; O Bee CU, based in Tumwater, Wash.; Seaboard FCU, Bucksport, Maine; and Pennsylvania State Employees CU, Harrisburg, Pa. They sued the banks for breach of contract, breach of fiduciary duty, and negligence based principally on the banks' alleged failure to monitor the security of the card processing system's database and ensure the card processor complied with the Payment Card Industry Data Security Standards. Heartland Bank, based in Clayton, Mo., and KeyBank, based in Ohio, both moved to dismiss the case for failure to state a claim on which relief can be granted. Heartland Bank also moved to dismiss for lack of personal jurisdiction in the state of Texas. The court granted Heartland's motion to dismiss on the first point, but concluded "that transfer [of the case from Texas to another court jurisdiction], not dismissal, is the appropriate remedy." Ohio-based KeyBank's motion was also granted, "with prejudice as to the negligence claim and without prejudice as to the remaining claims." The breach, which was announced by New Jersey-based Heartland Payment Systems in January 2009, is the largest data breach on record, with more than 130 million credit and debit cards compromised. As a result, many financial institutions, including credit unions, had to reissue their member/customers cards to prevent fraudulent charges. Many saw fraudulent charges on cards. Multiple lawsuits prompted by the hacking were consolidated into two tracks: one for consumers whose card numbers were accessed, and one for financial institutions that issued the cards that were compromised in the hacking. The financial institution track lawsuit involves two complaints: one against Heartland Payment Systems, and one against the two acquiring banks. A status conference on the case was scheduled for April 18.


News Now LiveWire
A recent report from @TransUnion says consumers born 1981 or later made up 27% of total auto-loan originations in 2014, up 16% from 2009.
19 hours ago
.@CUNA says new House bill is "further evidence" of lawmakers' interest in how @TheNCUA uses its funds from CUs. See News Now Monday.
1 day ago
.@MECreditUnions announces winner of @YoungFreeME #SoundOff contest. @Sassquatch_Band will play Old Port Festival in June @PDD_Downtown
15 hours ago
House Financial Services Com. to hold March 3 hearing to receive the semi-annual report of @CFPB Director Richard Cordray.
15 hours ago
Rep. Jeff Miller (R-Fla.) re-introduced bill to ease veterans' access to loans for #smallbusiness purposes from a #creditunion (HR 1133)
17 hours ago