Hy-Vee issues warning to customers after discovering point-of-sale breach


Link to original article – https://www.zdnet.com/article/hy-vee-issues-warning-to-customers-after-discovering-point-of-sale-breach/

By Catalin Cimpanu for Zero Day | August 18, 2019 — 19:31 GMT (12:31 PDT) | Topic: Security

Supermarket chain Hy-Vee has published a warning to customers this week after staff discovered a security breach on some of its point-of-sale (PoS) systems.

The company said that card transactions made at Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants (Market Grilles, Market Grille Expresses, and Wahlburgers) may have been recorded by hackers.

“We believe the actions we have taken have stopped the unauthorized activity on our payment processing systems,” a Hy-Vee spokesperson said.

PoS systems installed in Hy-Vee’s more popular grocery stores, drugstores, and convenience stores were not impacted. The company said it was running a different PoS system in these locations, and that data processed on these PoS systems was encrypted and was “unreadable.”

Payments made through Aisles Online, Hy-Vee web-based transactions system, were also not impacted, it said.

Hy-Vee cited the early stages of its investigation as the reason why it couldn’t say what exact fuel pumps, drive-thru coffee shops, and restaurant locations were impacted.

The company promised an update later down the line, when it learns more.