Hy-Vee announced Wednesday that the company is investigating a data incident involving its payment processing systems.
Hy-Vee officials said the investigation is focused on transactions at some Hy-Vee fuel pumps, drive-thru coffee shops and restaurants. The company has been working with cybersecurity firms and law enforcement since the incident was first noticed.
Company officials said they believe they have stopped the unauthorized activity. They also noted the locations where these actions may have occurred have different point-of-sale systems than those located at the Hy-Vee grocery stores, drugstores and inside their convenience stores, which use point-to-point encryption technology for processing payment card transactions.
"This encryption technology protects card data by making it unreadable," Hy-Vee spokeswoman Tina Potthoff said. "Based on our preliminary investigation, we believe payment card transactions that were swiped or inserted on these systems, which are utilized at our checkout lanes, pharmacies, customer service counters, wine and spirits locations, floral departments, clinics and all other food service areas are not involved."
Potthoff said the company will notify customers as they get further clarity about the specific timeframes and locations that may have been involved.
If an unauthorized charge is noticed, Hy-Vee officials urged customers to notify their financial institution that issued the card because cardholders are not generally responsible for unauthorized charges reported in a timely manner. The phone number to call is typically located on the back of the payment card.
ON THE WEB: