No, Shareholders Don't Get To Sue Heartland Just Because It Leaked More Data Than Anyone Else

from the that's-not-how-it-works dept

Last year, Heartland Payment Systems, leapt into the lead as being the company with the largest data breach of all time (well, that we know of), when it potentially leaked the personal info on somewhere over 100 million people. As typically happens in these sorts of things, a shareholder lawsuit was quickly filed from bummed out shareholders pissed off that the stock dropped (like off a cliff) following the announcement. But, of course, for there to be liability it takes a lot more than just the stock to drop, so it comes as little surprise that the lawsuit has been tossed, as the court said there was no evidence that Heartland execs knew their data was exposed. Friendly reminder to litigious shareholders: just because the company screws something up, it doesn’t mean you get to sue.

Filed Under: ,
Companies: heartland

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “No, Shareholders Don't Get To Sue Heartland Just Because It Leaked More Data Than Anyone Else”

Subscribe: RSS Leave a comment
Almost Anonymous (profile) says:

I disagree...

Seems to me, depending on the circumstances, the stockholders could sue for gross negligence. I’d be willing to bet their (Heartland’s) security was no where near what it should have been for the type of business they do. This is actually a HUGE problem with many companies, they treat their customer’s data (including extremely sensitive financial data) much to cavalierly, and they are not held accountable when their inadequate precautions contribute to a security breach. They should actually be facing criminal charges for allowing such a breach, but I’m sure that won’t happen.

Crazy Stuff says:

They had a public facing logon page that was susceptible to an SQL Injection attack in an organization that processes hundreds of millions of credit card transactions according to allegations in the amended complaint that got dismissed.

How could anything be more indicative of company wide negligence to not have cleaned this basic vulnerability up years ago? IMHO.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...