Hy-Vee is investigating an unspecified “security incident” involving credit card readers at some Hy-Vee fuel pumps, drive-thru coffee shops and restaurants.

The West Des Moines-based grocery chain says it doesn’t believe its credit card readers at grocery stores, drugstores and convenience stores have been compromised. These have higher-end encryption security systems.

“Based on our preliminary investigation, we believe payment card transactions that were swiped or inserted on these systems, which are utilized at our front-end checkout lanes, pharmacies, customer service counters, wine and spirits locations, floral departments, clinics and all other food service areas, as well as transactions processed through Aisles Online, are not involved,” Hy-Vee said in a statement released Wednesday.

Instead, the investigation is focused on card transactions that occurred at fuel pumps, drive-thru coffee shops and restaurants.

Hy-Vee said it detected unauthorized activity on some of its payment processing systems in late July and immediately launched an investigation with the assistance of a cybersecurity firm. The store also has notified federal law enforcement officials and payment card networks.

“We believe the actions we have taken have stopped the unauthorized activity,” the company said in the statement. “Because the investigation is in its earliest stages, we do not have additional details to release at this time.”

It’s too early in the investigation, a Hy-Vee spokeswoman said, to determine how many people’s payment card data may have been involved.

As the company learns more it will release additional information, including on the time frames and locations involved.

As is routine with personal financial security, Hy-Vee advised customers to monitor credit and debit card statements for unauthorized activity. If you see an unauthorized charge, notify the issuer of the card quickly to avoid being held responsible for the charge.

Sign up for The Daily Nonpareil news alerts

* I understand and agree that registration on or use of this site constitutes agreement to its user agreement and privacy policy.

(0) comments

Welcome to the discussion.

Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article.