http://www.pcworld.com/article/184235/heartland_executives_told_the_truth_judge_says.html By Robert McMillan IDG News Service Dec 10, 2009 Top executives at Heartland Payment Systems spoke truthfully about the state of security at the company, a federal judge said earlier this week before dismissing a class-action lawsuit against the payment processor. The shareholder lawsuit, filed in March, was dismissed Monday by Judge Anne Thompson of the U.S. District Court for the District of New Jersey. Heartland was sued by shareholders after its stock dropped nearly 80 percent following the largest data breach in U.S. history. The plaintiffs in the case say that Heartland executives lied when asked about the state of the company's security in earnings conference calls and by failing to disclose a 2007 SQL injection attack on its payroll system in Securities and Exchange Commission filings. That December 2007 SQL injection attack was important because it gave criminals a back door into the company's payment processing system, the plaintiffs alleged. Ultimately hackers stole more than 130 million credit card numbers. But in her opinion, Judge Thompson said that because Heartland had not confirmed the credit card hack until January 2009, the company's executives were telling the truth when they told investors that they took security seriously. [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Sun Dec 13 2009 - 23:13:45 PST
This archive was generated by hypermail 2.2.0 : Sun Dec 13 2009 - 23:26:14 PST