Hy-Vee: Possible breach found on payment processing system
Published 9:25 pm Wednesday, August 14, 2019
Hy-Vee announced Wednesday it is investigating a security incident involving its payment processing systems at some Hy-Vee fuel pumps, drive-thru coffee shops and restaurants.
The company said in a press release that after recently detecting unauthorized activity on some of its systems, it began an investigation with the help of a cybersecurity firm. It also notified federal law enforcement and payment card networks.
The release stated the fuel pumps, drive-thru coffee shops and restaurants have different point-of-sale systems than those in the grocery stores, drugstores and convenience stores, which utilize point-to-point encryption technology for processing payment card transactions. This technology protects card data by making it unreadable.
Based on preliminary investigation, the company said it believes card transactions at the grocery store checkout lanes, pharmacies, customer service counters, wine and spirits locations, floral departments, clinics and all other food services areas are not involved.
The company said it plans to provide notification to customers as further clarity about the specific time frames and locations are available.
It advised customers to closely monitor their payment card statements for unauthorized activity. If unauthorized charges are found, they should notify their financial institution that issued the card.