HOUSTON (5/7/09)--Pennsylvania State Employees CU (PSECU) filed a class action lawsuit Friday in a U.S. District Court in Texas against Heartland Payment Systems, seeking to recoup losses from the card payment processor's massive data breach revealed in January. In the complaint filed, the Harrisburg, Pa.-based credit union said Heartland violated the Payment Card Industry (PCI) Data Security Standards required by Visa and MasterCard. Heartland had a duty to comply with the PCI standards, properly secure Visa and MasterCard credit card and/or debit card magnetic stripe information and not disclose the information to unauthorized third parties, said the complaint filed in Houston. The breach exposed all Visa and MasterCard accounts processed by the Princeton, N.J.-based Heartland between May 15, 2008, and Nov. 13, 2008. As a result of the breach, more than 105,000 Visa cards issued by PSECU to its members were compromised, cancelled and reissued. The suit alleges breach of contract, negligence, equitable indemnification (in which the credit union says Heartland benefited from the credit union cancelling and replacing cards for its members), restitution, unjust richment and violations of the New Jersey Consumer Fraud Act. The credit union is seeking actual damages related to the costs of reissuing members' cards and administrative expenses related to monitoring and preventing fraud, notifying members and dealing with member confusion, and other losses. The $3.4 billion asset credit union also is seeking injunctive relief requiring Heartland to boost the security of its systems, and attorney's fees, and court costs. U.S. District Judge Lee H. Rosenthal ordered an initial pretrial and scheduling conference for the case on Sept. 25.