BreachExchange mailing list archives
follow-up: Heartland Executives Told the Truth, Judge Says
From: security curmudgeon <jericho () attrition org>
Date: Mon, 14 Dec 2009 08:30:42 +0000 (UTC)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.pcworld.com/article/184235/heartland_executives_told_the_truth_judge_says.html By Robert McMillan IDG News Service Dec 10, 2009 Top executives at Heartland Payment Systems spoke truthfully about the state of security at the company, a federal judge said earlier this week before dismissing a class-action lawsuit against the payment processor. The shareholder lawsuit, filed in March, was dismissed Monday by Judge Anne Thompson of the U.S. District Court for the District of New Jersey. Heartland was sued by shareholders after its stock dropped nearly 80 percent following the largest data breach in U.S. history. The plaintiffs in the case say that Heartland executives lied when asked about the state of the company's security in earnings conference calls and by failing to disclose a 2007 SQL injection attack on its payroll system in Securities and Exchange Commission filings. That December 2007 SQL injection attack was important because it gave criminals a back door into the company's payment processing system, the plaintiffs alleged. Ultimately hackers stole more than 130 million credit card numbers. But in her opinion, Judge Thompson said that because Heartland had not confirmed the credit card hack until January 2009, the company's executives were telling the truth when they told investors that they took security seriously. [...] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- follow-up: Heartland Executives Told the Truth, Judge Says security curmudgeon (Dec 14)