CONTINUE TO SITE »
or wait 15 seconds

News

Lawsuit claims Heartland knew its data security was sub-par

October 7, 2009

CU Info Security reports that a new master companion filed in a class-action lawsuit against Heartland Payment Systems claims Heartland CEO Robert Carr told industry analysts the Payment Card Industry Data Security Standard, or PCI DSS, was an insufficient protective measure.
 
According to the suit, Carr told analysts in November 2008 that he deemed PCI DSS feeble:
(We) also recognize the need to move beyond the lowest common denominator of data security, currently the PCI DSS standards. We believe it is imperative to move to a higher standard for processing secure transactions, one which we have the ability to implement without waiting for the payments infrastructure to change.
The complaint filed in the class-action suit alleges that Carr's comments confirm the PCI standards are minimal and that the actual industry standard for security is much higher:
Heartland executives were well aware before the data breach occurred that the bare minimum PCI DSS standards were insufficient to protect it from an attack by sophisticated hackers.

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts
ATM fees increase for 3rd consecutive year
The Farmers Bank renames branches, converts ATMs to ITMs
ATM check deposit fraud on the rise in Honolulu
ParaScript intros verification solution for checks
Nymeo Federal Credit Union wins recognition as 1 of the best workplaces in Maryland


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'