Heartland Payment Systems has agreed to pay $5 million to Discover to settle claims arising from the massive data breach disclosed by the payment processor last year.
In a brief statement on Wednesday, the Princeton, N.J.-based Heartland said the settlement "resolves all issues" between the two companies stemming from the intrusion.
"This settlement marks our final agreement with a card brand related to the intrusion," Heartland CEO Robert Carr said in the statement.
In January, Heartland agreed to set aside $60 million to reimburse banks issuing Visa cards , for breach-related costs. Heartland has also agreed to pay $3.6 million to settle claims brought against it by American Express and more than $41 million to reimburse MasterCard issuers for breach-related costs.
In addition to settling with the major card brands, Heartland also has offered to pay $4 million to settle a consolidated consumer class action lawsuit being heard in Texas.
All of the settlement money has come from the $140 million Heartland set aside to cover the costs related to the breach. That amount includes more than $26 million in legal costs.
Heartland, one of the largest processors of payment card transactions in the U.S., disclosed in January 2009 that hackers had broken into its systems in 2008 and stolen credit and debit card data. Authorities later said that data on as many as 130 million credit and debit cards had been stolen, making it the largest ever breach involving payment card data .
The intrusions at Heartland and several other major retailers were later traced to a gang of cyber thieves led by Miami-based Albert Gonzalez who was sentenced in March to 20 years in federal prison.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org .
Read more about security in Computerworld's Security Topic Center.