Heartland Payment Systems is to pay $5 million to a financial services customer over the 2008 data breach.
In a statement that describes the payment to Discover as an ‘intrusion settlement', Heartland confirmed it will pay Discover £5 million to resolve ‘all issues related to the 2008 intrusion'. Bob Carr, Heartland's chairman and chief executive officer, said: “We are pleased to have reached an equitable settlement with Discover. This settlement marks our final agreement with a card brand related to the intrusion.”
The payments processor had already paid American Express $3.6 million over the same breach, while Visa agreed to cap its compensation demands to US$59.2 million, according to Australia's IT News.
The Heartland incident was initially believed to have affected over 100 million cards, after intruders broke into the systems and planted malicious software to steal card data carried on the company's networks. One estimate claims that as many as 130 million cards were affected.
The incident led to a Colorado bank blocking all point of sale purchases on issued debit cards, while Carr called for better industry collaboration and information sharing to better defend itself.