For all intents and purposes, the Heartland Payment Systems data breach saga ended more than two years ago when the embattled payment processor finalized settlements paying out millions of dollars to various banks, credit card issuers and consumers. That is until a handful of banks reportedly requested the Fifth Circuit reopen their negligence case that stemmed from the 2008 breach.
According to Law360’s Megan Stride, the collection of banks, which reportedly includes Amalgamated Bank and Lone Star National Bank NA among others, are claiming that the case should be re-examined because the courts initially ruled that Heartland Systems was protected against their negligence claims because of a New Jersey economic loss rule.
The banks claim that rule is impertinent in this scenario because the rule applies to claims against economic loss only when however many parties are engaged in a contractual agreement. The banks, of course, claim that no such contract or agreement ever existed.
“Heartland’s attempt to shoehorn the economic loss rule into this attenuated fact scenario is neither persuasive nor supported by New Jersey law,” the banks’ brief stated according to Law360.
A Heartland attorney reportedly declined to comment, Stride reports.
The Heartland breach was considered the largest ever with more than 100 million records lost. Malware was placed on the payment processor’s network that scooped up data stored on the magnetic strips of credit cards. No merchant data or cardholder Social Security numbers, unencrypted personal identification, addresses or phone numbers were stolen.
The breach happened over a period of time in late 2008 and was disclosed on inauguration day 2009. In late 2009, Alberto Gonzalez, an FBI informant, confessed to his role in the fraud operation. He was sentenced to 20 years in prison for his role.