Heartland Data Breach - Legal Update from Attorney Richard Coffman

Credit EligibleAs a BankInfoSecurity.com annual member, this content can be used toward your membership credits and transcript tracking. Click For More Info

Texas attorney Richard Coffman was the first to file a class action suit against Heartland Payment Systems (HPY) after its data breach was announced publicly this past January.

In an exclusive interview, Coffman discusses:

After practicing several years as a CPA with two international accounting firms, Coffman received his law degree from the University of Texas in 1989. He began his legal career in Houston with a large Texas law firm where he represented plaintiffs and defendants in commercial litigation. Since that time, his own law practice, the Coffman Law Firm, has focused on business cases, consumer cases, complex commercial litigation and class actions.

TOM FIELD: Hello, this is Tom Field, Editorial Director with Information Security Media Group. We are talking today about the Heartland Payment Systems legal case and with us is Richard Coffman, an attorney with the Coffman Law Firm in Beaumont, Texas. Mr. Coffman, thanks for taking time to speak with me today.

RICHARD COFFMAN: You are most welcome.

FIELD: Why don't you give us some sense of what your role is in the Heartland cases that are winding through the courts now?

COFFMAN: The first thing you have to understand is that this litigation is really broken down into three segments. All of the cases that have been filed so far have been filed in various federal courts around the country. There have been about 20 plus cases filed on behalf of consumers, as we now speak about ten cases filed on behalf of financial institutions, banks and credit unions, and another four cases being securities fraud type cases.

Click to Get Updates on the Latest Information Security News

Company* Title* Email* Subscription Type: HTML Text Healthcare Enews General Healthcare Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Government Enews General Government Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Banking Enews General Banking Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Credit Union Enews General Credit Union Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Need Help?

I happen to represent financial institutions in the bank and credit union segment of this litigation.

FIELD: Now how did you get involved in the matter Richard?

COFFMAN: I have a client in Kansas City and he sits on the Board of Directors of a bank, a small country bank known as Lone Summit Bank out in Missouri, and I just happened to be in Kansas City with him when the news broke. He knew that I had prosecuted data breach cases in the past and he asked me if I would be willing to represent Lone Summit Bank in this litigation, since they got hit pretty hard by this data breach. And as a result I filed the Lone Summit Bank case in federal court in Trenton, New Jersey, which happened to be the first financial institution case filed in the Heartland data breach litigation.

FIELD: Now I know there is some news this week, where are we now in the legal process with the suits that you are involved with?

COFFMAN: In the federal court system there is a mechanism known as multi-district litigation consolidation. It is done by the Multi-District Litigation Panel, which is a select panel of federal judges. This panel meets every other month. It met in late May in Louisville, Kentucky.

Pursuant to these provisions the federal court system can consolidate litigation, they can consolidate various cases that are filed around the country in federal courts that are alleging virtually identical claims against the same defendant. All of these cases can be brought together and consolidated and coordinated for pre-trial purposes and for efficiency sake, in one federal court.

The hearing took place, again on May 27th, and just about all of the parties involved, Heartland and most of the plaintiffs, argued that the case be consolidated in Houston. The parties were requesting Houston because even though Heartland is based in Princeton, New Jersey, its IT operations that gave rise to the data breach are actually located in Texas.

On June 10th, the MDL panel issued its order and has now sent the litigation to Judge Lee Rosenthal who is a federal district judge in Houston, Texas.

FIELD: So I know we have a long way to go here and this will be unwinding for a while, but what types of historic cases can we look to for precedence, if any?

COFFMAN: There is really only one class action data breach case that I am aware of in which banks and credit unions were plaintiffs and that is the TJX data breach case, which prior to the Heartland breach case was the largest data breach case in United States history. I can say that the banks initially did not fair well in that case for several reasons, none of which exist in this case in my opinion.