Heartland Payment Systems, the fifth largest payments processor in the US, has agreed to pay issuers of Visa-branded credit and debit cards up to $60m (£37m) in compensation for losses incurred after the huge data breach in 2008.
The company revealed in January last year that hackers had infiltrated its computer systems and planted malware on its servers designed to steal card data. In the region of 100 million cards are thought to have been compromised.
Heartland chairman Bob Carr said that he was pleased to have reached a "fair settlement agreement" regarding the losses issuers may have suffered as a result of the intrusion.
"At Heartland, we are committed to helping issuers, as well as all stakeholders in the payment ecosystem, to mitigate future risk," he added.
"We have assumed a leadership position in the development of enhanced data security and fostering the sharing of information."
Ellen Richey, chief enterprise risk officer at Visa, urged issuers to participate in the settlement programme while emphasising Visa's security credentials.
"Helping financial institutions mitigate costs after a data security breach has been a long-standing component of Visa's security strategy, along with promoting new security technologies, preventing fraud and leading efforts to secure sensitive data across the entire payment system," she said.
The Visa payout comes just a month after Heartland announced a similar settlement with American Express of $3.6m (£2.2m), and yet again highlights the financial penalties that can result when IT systems are compromised.
Small Texas cable firm alleges foul play
Facebook will join fores with UK NGOs to tackle hate speech on the social network
A survey of local authorities has found that they face challenges in the areas of data, compliance and mobility.
More than 800,000 home users could be affected