Hy-Vee Investigating Security Incident Around Credit Card Readers

DES MOINES — Hy-Vee Inc. is investigating a security incident involving its payment processing systems, including card readers at its fuel pumps, drive-thru coffee shops and restaurants, including its Market Grilles, Market Grille Expresses and the Wahlburgers locations that Hy-Vee owns and operates.

The retailer reported that it recently detected unauthorized activity on some of its systems and immediately engaged a cybersecurity firm to launch an investigation.

Hy-Vee does not believe that card readers at its convenience stores, grocery stores or drug stores, which use different point-of-sale systems, were compromised. Transactions processed through the Aisles Online ordering system are also not believed to have been affected.

The company has notified federal law enforcement officials and payment card networks.

"Because the investigation is in its earliest stages, we do not have any additional details to provide at this time," Hy-Vee wrote in a statement posted to its website. "We will provide notification to our customers as we get further clarity about the specific timeframes and locations that may have been involved.

Hy-Vee advised customers to monitor their payment card statements for unauthorized activity and immediately notify the financial institution that issued the card if any is discovered.

Des Moines-based Hy-Vee operates both convenience stores and grocery stores in Illinois, Iowa, Kansas, Minnesota, Missouri, Nebraska, South Dakota and Wisconsin.

Hy-Vee Food Stores Inc. was no. 47 on the 2019 Convenience Store News Top 100 list.