Payments processor Heartland Payment Systems Inc. – which processes more than 100 million debit and credit transactions per month – is facing two class-action lawsuits seeking financial compensation for U.S. consumers whose credit or debit card information was stolen during a large-scale breach of the payment processor’s data system late last year.

Hackers accessed the system Heartland uses to process Visa, MasterCard, American Express, and Discover credit and debit card transactions for more than 150,000 banks and credit unions nationwide.

Heartland CEO Robert Carr says “card numbers, expiration dates and other data from the card’s magnetic strip,” may have been exposed and, “in a small percentage of cases,” the name of the cardholder may also have been accessed during the 2008 security breach. Some cardholders have reported fraudulent activity on their cards as a result of the data theft.

Carr says the company has since stepped up its security efforts to encrypt merchant and consumer data and says cardholders will not be held financially responsible for any fraudulent transactions that are “timely reported” to banks. He urges cardholders to monitor their card and bank statements for any suspicious activity.

Heartland Accused of Not Doing Enough to Help Affected Consumers

The data processor has failed to make credit monitoring services available to affected consumers or to offer them any type of financial relief, according to the class-action lawsuits filed by the law firms Berger & Montague P.C. and Chimicles & Tikellis LLP.

Berger & Montague’s complaint reveals that Heartland was alerted by Visa and MasterCard late in the fall of 2008 about suspicious activity on cards that Heartland had previously processed. Heartland didn’t announce that it had located malicious software on its network and contained the problem until mid-January.

“The lengthy delay between when the intrusion began and when it was contained reflects the inadequacy of Heartland’s security measures and intrusion detection systems,” the lawsuit alleges.

As a result of the company’s inadequate data security, cardholders have been exposed to the risk of fraud, have spent and will continue to spend time monitoring their accounts and disputing fraudulent charges, and have suffered other economic damages.

The breach, disclosed by Heartland on Jan. 20, has prompted banks from Maine to Washington to reissue credit and debit cards to thousands of customers.

Popularity: 4% [?]

Related posts:

1. Experts Call for Massive Debt Relief ‘Haircut’ to Jumpstart the Economy
2. Maryland Approves Debt Collection Rules That Protect Consumers
3. Credit Card Debt Relief Scam Sued by FTC Over Illegal Fees, Deceptive Practices
4. ‘Credit Building’ Debit Card Earns Criticism for Suze Orman, Oprah Magazine