Heartland Payment Systems Inc. today announced it will pay up to $2.4 million to settle consolidated consumer class-action lawsuits stemming from the 2008 data breach of the Princeton, N.J.-based payments processor.
Under the proposal, filed Friday in the U.S. District Court for the Southern District of Texas, Heartland says it would pay up to $175 per settlement class member, with only two claims allowed per household. Heartland would reimburse consumers with identity theft-related claims up to $10,000, the filing says.
The proposed settlement covers all cardholder claims nationwide, a Heartland spokesperson tells PaymentsSource. Heartland says it will pay a minimum of $1 million in claims plus up to $1.5 million for notification costs and up to $760,000 in attorney fees. The settlement agreement is subject to court approval and could be terminated if Heartland receives more than 2,500 requests to be excluded from the settlement or if the notification costs exceed $1.5 million, Heartland says.
The timing of the claim process has not yet been set because a judge has yet to review the settlement proposal. That review should occur in the next 30 days or so, the Heartland spokesperson says. “Once the timeframe has been set, we will send a notice and publish that information to the public,” the spokesperson says.
The processor also agreed to submit an independent report on its actions to improve its network security.
Heartland announced in January that hackers infiltrated its network and captured an undisclosed amount of sensitive transaction data. Potential claimants include anyone in the United States who used a credit or debit card for a transaction Heartland processed between Dec. 26, 2007, and Dec. 31, 2008, court documents declare.

Subscribe Now

Authoritative analysis and perspective for every segment of the payments industry

14-Day Free Trial

Authoritative analysis and perspective for every segment of the industry