The Mid-Western supermarket chain Hy-Vee has issued a warning that the payment card system was breached at several of its locations and services.
The 245-store chain said in an August 14 statement that there was an undefined security incident with the payment processing systems that handled transactions at some Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants. The company did not say exactly what day the problem was discovered, nor what information was potentially involved, but it told its customers it has brought in an outside cybersecurity company to investigate the incident.
“We believe the actions we have taken have stopped the unauthorized activity on our payment processing systems,” Hy-Vee said, adding the investigation is focused on card transactions at its Market Grilles, Market Grille Expresses and the Wahlburgers locations that Hy-Vee owns and operates.
The payment system at these locations are separate from those used in the company’s grocery stores, pharmacies and convenience stores and so far there is no evidence any information was skimmed from these POS devices.
“Because the investigation is in its earliest stages, we do not have any additional details to provide at this time. We will provide notification to our customers as we get further clarity about the specific timeframes and locations that may have been involved,” the company said.