House says Visa, MasterCard are to blame for security hacks, card compromises

• 06 Apr 2009

Editor's Note:  This obviously bodes well in Heartland's decision to defend their case vigorously.  However, the first shovel of dirt may have already been thrown on Heartland's grave.  Class action lawsuits by consumers, banks and shareholders mean a ginormous legal bill for HPY. 

The fines will be a mere pittance compared to what they may have to pay out in these legal cases.  Of course, with the government saying V/MC may be to blame, HPY's strategy may be to countersue.  That might keep them alive, but they'd still be dead in the water because they'll make bitter enemies out of V/MC in a court case. 

Meanwhile, Visa is already on making rumblings that Heartland may not have been in PCI compliance when the breach happened.  This is shaping up to be one heck of a legal battle.  We'll keep following the events as they develop.  Keep your eyes tuned to the PIN Payments Blog for regular updates in this matter.  - JBF

Forbes: In security breach cases last year, such as Hannaford Bros. supermarket and the card processing firm Heartland Payment Systems, cybercriminals gained access to millions of consumers' credit card details, and those criminals have yet to be identified and punished. So in a hearing last week, the House of Representative's Committee on Homeland Security turned its attention to the card networks, Visa and MasterCard, which are responsible for creating and enforcing the Payment Card Industry standards that failed to prevent those breaches. Given that both Hannaford and Heartland had complied with PCI rules, the congressional panel turned the spotlight on the credit card companies, arguing that their security measures need to be redesigned or supplemented with federal laws — a potential crackdown that could require changes on the part of both retailers and financial services companies.