27 February 2017
Visit EBAday.com

Retailer sues Visa over data breach penalties

12 March 2013  |  9236 views  |  0 Copenhagen spire

US retailer Genesco is suing Visa to recover more than £13 million in penalties it was hit with for a 2010 data breach.

In a complaint filed last week in Tennessee, Genesco says that the penalties imposed by Visa for alleged PCI security standards failings were not authorised under the card giant's own rules and breached its own contracts with acquiring banks.

In 2010 hackers hit Genesco's systems, installing "packet sniffing" software designed to steal payment card details. However, the firm says in its complaint - published by Wired - that it found no forensic evidence that account data was stolen.

Despite this, Visa fined the retailer's acquiring banks Fifth Third Bank and Wells Fargo $5000 each and levied another $13.3 million to cover operating expenses and fraudulent charges made to the accounts. The banks then took the money from Genesco's accounts.

The retailer says that it did not violate PCI rules. It maintains that the "packet sniffing" software in its systems was designed to taking advantage of a PCI DSS protocol feature which means that the account data needed to approve a mag-stripe transaction can be transmitted unencrypted.

In fact, the complaint says that Visa levied the penalties despite the fact that several of its own requirements - including that there was a PCI violation that enabled the theft and that details of at least 10,000 accounts were stolen - were not met.

The case has echos of an earlier suit filed against US Bank by the owners of Cisero's Ristorante and Nightclub in Park City, Utah. Cisero's is pursuing the bank for $90,000 in fines levied by Visa and MasterCard over an alleged PCI breach. The Genesco suit is the first to be filed against the card schemes which oversee the PCI standard.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

PayOne files patent suit against Home Depot over use of PayPal POS tech

PayOne files patent suit against Home Depot over use of PayPal POS tech

06 March 2013  |  8527 views  |  3 comments | 7 tweets | 5 linkedin
Global Payments taken off PCI lists over data breach

Global Payments taken off PCI lists over data breach

02 May 2012  |  8723 views  |  0 comments
PCI security standards in the dock

PCI security standards in the dock

12 January 2012  |  11381 views  |  7 comments
Visa and MasterCard face ATM price-fixing suit

Visa and MasterCard face ATM price-fixing suit

12 October 2011  |  6216 views  |  0 comments
Atlanta Fed staffer questions value of PCI guidelines

Atlanta Fed staffer questions value of PCI guidelines

01 June 2011  |  9421 views  |  2 comments
Heartland settlement with Visa prompts lawsuit against acquiring banks

Heartland settlement with Visa prompts lawsuit against acquiring banks

21 January 2010  |  9075 views  |  0 comments
Restaurants sue POS vendor over data breach

Restaurants sue POS vendor over data breach

26 November 2009  |  11023 views  |  0 comments

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit BNP paribasvisit dh.com

Who is commenting?

A Finextra member Finextra Member Commented on: In wake of Cloudflare...
A Finextra member Finextra Member Commented on: Bank consultancy Zeb o...
A Finextra member Finextra Member Commented on: In wake of Cloudflare...

Top topics

Most viewed Most shared
EBA to relax controversial PSD2 authentication rulesEBA to relax controversial PSD2 authentica...
13326 views comments | 52 tweets | 74 linkedin
RBS to become fintech fund and high street outlet for challenger banks under HMT remedyRBS to become fintech fund and high street...
8758 views comments | 40 tweets | 34 linkedin
BNY Mellon seeks blockchain experts for new emerging biz and tech teamBNY Mellon seeks blockchain experts for ne...
7461 views comments | 7 tweets | 4 linkedin
hands typing furiouslyBlockchain Technology
7234 views 1 | 18 tweets | 7 linkedin
High rate of defaults hit P2P lending sectorHigh rate of defaults hit P2P lending sect...
7086 views comments | 19 tweets | 13 linkedin

Featured job

Six Figure Base + Commission + Stock Options
London

Find your next job