25 September 2017
Find out more

Savvis faces bank lawsuit over CardSystems data breach

26 May 2009  |  13711 views  |  0 credit card

Merrick Bank has launched a multi-million dollar lawsuit against Savvis, accusing the vendor of erroneously telling it that CardSystems Solutions complied with Visa and MasterCard security regulations less than a year before the payment processor's systems were hacked, compromising up to 40 million credit card accounts.

Atlanta-based CardSystems - now owned by Pay By Touch - identified a security incident in May 2005 that exposed more than 40 million credit cards to hackers.

The following year the company agreed to settle federal charges that it failed to protect the financial data of millions of consumers. The US Federal Trade Commission (FTC) said the breach "led to millions of dollars in fraudulent purchases".

The FTC concluded CardSystems created unnecessary risks to the information by storing it and failed to ensure that its network was secure from attacks.

Merrick, which is an acquiring bank for around 125,000 merchants, has now filed a federal complaint claiming the breach cost it around $16 million in payments to Visa and MasterCard for using a processor that did not meet their standards as well as payouts to affected banks and legal fees.

Before the breach Merrick agreed to use CardSystems for processor and independent sales services if it proved compliance with Visa and MasterCard security requirements.

The processor asked Savvis to assess and certify its compliance and got the all clear, and consequently the Merrick contract.

Less than a year later the security breach occurred. Merrick says hackers were able to get hold of the data because CardSystems kept unencrypted card information on its servers - in contravention of the regulations for which Savvis certified it.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Heartland to fight MasterCard data breach fine

Heartland to fight MasterCard data breach fine

12 May 2009  |  11146 views  |  0 comments
Hackers steal 285m electronic records in 2008 - Verizon

Hackers steal 285m electronic records in 2008 - Verizon

15 April 2009  |  12706 views  |  0 comments
Visa pulls Heartland and RBS WorldPay from PCI DSS compliance list

Visa pulls Heartland and RBS WorldPay from PCI DSS compliance list

17 March 2009  |  16939 views  |  5 comments
Citi re-issues cards following merchant breach

Citi re-issues cards following merchant breach

23 February 2009  |  13046 views  |  1 comments
Police make first arrests in Heartland breach case

Police make first arrests in Heartland breach case

16 February 2009  |  12436 views  |  2 comments
TJX settles with MasterCard over security breach

TJX settles with MasterCard over security breach

03 April 2008  |  7614 views  |  0 comments
TJX settles with Visa

TJX settles with Visa

30 November 2007  |  5731 views  |  0 comments
TJX breach gets bigger with 94 million card numbers exposed

TJX breach gets bigger with 94 million card numbers exposed

25 October 2007  |  9850 views  |  0 comments
CardSystems settles federal charges

CardSystems settles federal charges

24 February 2006  |  8518 views  |  0 comments
Savvis suspends CEO over strip club bill

Savvis suspends CEO over strip club bill

26 October 2005  |  10845 views  |  0 comments
Pay By Touch to acquire CardSystems Solutions

Pay By Touch to acquire CardSystems Solutions

17 October 2005  |  8518 views  |  0 comments
Visa USA bans CardSystems from handling transactions

Visa USA bans CardSystems from handling transactions

19 July 2005  |  10346 views  |  0 comments

Related company news

 
visit www.ncr.comdownload the paper nowvisit www.vasco.com

Top topics

Most viewed Most shared
HSBC switches on selfie payments in ChinaHSBC switches on selfie payments in China
13764 views comments | 29 tweets | 44 linkedin
AXA launches blockchain to cover late flight compensationAXA launches blockchain to cover late flig...
10550 views comments | 14 tweets | 30 linkedin
SBI Ripple Asia advances on South KoreaSBI Ripple Asia advances on South Korea
8741 views comments | 16 tweets | 1 linkedin
Apple P2P payments service nears launchApple P2P payments service nears launch
8705 views comments | 19 tweets | 27 linkedin
ISO 20022: The common language of choiceISO 20022: The common language of choice
8459 views comments | 1 tweets | 2 linkedin

Featured job

Competitive base, double ote, benefits
London, UK

Find your next job