Cardholders File Class Action Against Heartland Payment Systems

Cardholders File Class Action Against Heartland Payment Systems, Inc. For Loss of Credit and Debit Card Data; Filed By Berger & Montague, P.C.

PHILADELPHIA, Jan. 30 /PRNewswire-USNewswire/ — On January 29, 2009, the law firm of Berger & Montague, P.C. ( filed a class action suit in the U.S. District Court for the District of New Jersey on behalf of all cardholders in the U.S. whose credit or debit card data was stolen from Heartland Payment System, Inc.’s payment processing network. Heartland processes credit and debit card transactions for more than 150,000 merchants nationwide.

The lawsuit seeks to redress Heartland’s failure to safeguard cardholder data, which was accessed and stolen by a computer hacker. Compromised information included credit and debit card numbers and card expiration dates. According to several media reports, 100 million card numbers may have been affected. Fraudulent activity has occurred on some of those cards.

Data thieves reportedly installed malicious software on Heartland’s payment processing network as early as May 2008. In late fall 2008, Visa and MasterCard alerted Heartland to suspicious activity on cards that Heartland previously processed. Heartland later announced that in mid-January 2009 it located and contained malicious software on its network. The lengthy delay between when the intrusion began and when it was contained reflects the inadequacy of Heartland’s security measures and intrusion detection systems.

Because of Heartland’s inadequate data security, cardholders have had their card information compromised, have been exposed to the risk of fraud, have spent and will spend time to monitor their accounts and dispute fraudulent charges, and have suffered other economic damages.

ABOUT OUR FIRM: Berger & Montague consists of over 60 attorneys who primarily represent plaintiffs in class action litigation. The firm has extensive experience in data breach, consumer fraud, securities fraud, and antitrust litigation. We have played lead roles in major cases over the past 30 years, resulting in recoveries of several billion dollars for class members. We were Co-Lead Counsel in a data breach class action against TJX Companies, Inc, owner of TJ Maxx, Marshalls, A.J. Wright, and HomeGoods, stemming from the then-largest theft of credit card information in history. That case settled in 2008 for benefits valued at over $200 million.

If you received notice from your card-issuing bank or credit union that your card data was compromised from the Heartland breach, and you would like to discuss your legal rights, please contact:

Sherrie R. Savett, Esq.

Michael T. Fantini, Esq.

Jon Lambiras, Esq.

Diane Werwinski, Paralegal

Berger & Montague, P.C.

1622 Locust Street

Philadelphia, PA 19103

Phone: 888-891-2289 or 215-875-3000

Fax: 215-875-4604



SOURCE Berger & Montague, P.C.

Heartland Payment Systems alternative

Heartland Payment Systems may be publicly touting that they continue to acquire new customers, but those in payment processing are getting a noticeable increase in calls from merchants wanting to out of Heartland now.

Restaurants and T&E are big industries for Heartland Payment Systems. Most of these also have a POS system. In order to change processors, the new processor typically completes a standard form and gives this to the POS company for the change. The form essentially changes where the transaction will occur. This is a very simple step. However, as the rush to exit Heartland grows, the processing of these changes will put a burden on third party POS providers to get them done.

Some merchants may have concerns about the ‘difficulty’ of changing. As stated above, it’s normally just a couple line items that change the processor. The rest of the programming set up is done at the processor. If an adjustment needs to be made after the initial set up, the processor does not need to get back in line with the POS company.

Most 3rd parthy POS providers charge a fee for the change. To ensure a quick and smooth transition, find a contact with your POS company. They will need you to sign off on the change. Our company will prepare the paperwork to change processors, the POS company will verify with you (faxed document) it’s OK to make the change, and then you get put in their queue for the change over. It’s instant once the POS company makes the software update.

If you’re considering leaving Heartland Payment Systems because of the 2008 data breach fall out, make your decision now rather than later and you’ll have a short wait with your POS provider. Three class action lawsuits have been filed and it could get ugly to get out later.

I’ll match any pricing you have, provided it is reasonable and we can make a profit.

Heartland Payment Systems Uncovers Malicious Software In Its Processing System

Company Release – 01/20/2009 09:00

No merchant information or cardholder Social Security numbers compromised.

PRINCETON, N.J., Jan. 20 /PRNewswire-FirstCall/ — Payments processor Heartland Payment Systems has learned it was the victim of a security breach within its processing system in 2008. Heartland believes the intrusion is contained.

“We found evidence of an intrusion last week and immediately notified federal law enforcement officials as well as the card brands,” said Robert H.B. Baldwin, Jr., Heartland’s president and chief financial officer. “We understand that this incident may be the result of a widespread global cyber fraud operation, and we are cooperating closely with the United States Secret Service and Department of Justice.”

No merchant data or cardholder Social Security numbers, unencrypted personal identification numbers (PIN), addresses or telephone numbers were involved in the breach. Nor were any of Heartland’s check management systems; Canadian, payroll, campus solutions or micropayments operations; Give Something Back Network; or the recently acquired Network Services and Chockstone processing platforms.

After being alerted by Visa(R) and MasterCard(R) of suspicious activity surrounding processed card transactions, Heartland enlisted the help of several forensic auditors to conduct a thorough investigation into the matter. Last week, the investigation uncovered malicious software that compromised data that crossed Heartland’s network.

Heartland immediately took a number of steps to further secure its systems. In addition, Heartland will implement a next-generation program designed to flag network anomalies in real-time and enable law enforcement to expeditiously apprehend cyber criminals.

Heartland has created a website – – to provide information about this incident and advises cardholders to examine their monthly statements closely and report any suspicious activity to their card issuers. Cardholders are not responsible for unauthorized fraudulent charges made by third parties.

“Heartland apologizes for any inconvenience this situation has caused,” continued Baldwin. “Heartland is deeply committed to maintaining the security of cardholder data, and we will continue doing everything reasonably possible to achieve this objective.”

About Heartland Payment Systems

Heartland Payment Systems, Inc., a NYSE company trading under the symbol HPY, delivers credit/debit/prepaid card processing, payroll, check management and payments solutions to more than 250,000 business locations nationwide.

Heartland is the founding supporter of The Merchant Bill of Rights, a public advocacy initiative that educates merchants about fair credit and debit card processing practices. For more information, please visit and

Forward Looking Statements

This press release may contain statements of a forward-looking nature which represent our management’s beliefs and assumptions concerning future events. Forward-looking statements involve risks, uncertainties and assumptions and are based on information currently available to us. Actual results may differ materially from those expressed in the forward-looking statements due to many factors. Information concerning these factors is contained in the Company’s Securities and Exchange Commission filings, including but not limited to, the Company’s annual report on Form 10- K, or Form 10-Q as applicable. We undertake no obligation to update any forward-looking statements to reflect events or circumstances that may arise after the date of this release.

For More Information:
Nancy Gross
Phone: 215.519.7367
SOURCE Heartland Payment Systems, Inc.