Payment processing firm
Heartland
Payment Systems has finally revealed that the major
data
breach it suffered last year has cost the company more than $12m (£7.9m) in
fines and legal costs.
Heartland chief executive Robert Carr explained during a conference call with
investors that the firm had taken a $12.6m hit in this quarter in "expenses and
accruals" resulting from the breach.
"The smaller part of these intrusion related expenses represents legal and
other expenses related to the intrusion, and less than $1m related to fines
assessed by Visa against our sponsor banks, which our sponsor banks are
contesting," he said.
"However, more than 50 per cent of this expense relates to a fine that
MasterCard assessed against our sponsor banks, ostensibly because of an alleged
failure by Heartland to take appropriate action on having learned that its
computer system may have been breached and on thereafter having discovered the
intrusion."
However, Carr said that the firm would be contesting the MasterCard fine as
unfair, and told Heartland’s sponsor banks to do the same.
With the legal costs of this case still racking up, the news should stand as
a cautionary tale for companies that fail to take data security and compliance
seriously.
However, the damage to a firm's brand and reputation is likely to be greater
and more significant," warned Carr.
"We are in a cyber crimes arms race, and we need to stay ahead of the bad
guys who never rest and do not call committee meetings to update their malicious
tools and attack vectors," he said.
Do you agree?
Have your say on this article