Midwestern grocery-and-gas chain Hy-Vee is looking into a possible breach of its payment-card system, the company announced yesterday (Aug. 14).
"We want to make customers aware of an investigation we are conducting into a security incident involving our payment-processing systems that is focused on transactions at some Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants," the company said in a statement posted on its website.
The number of customers or Hy-Vee locations affected was not disclosed, but the breach does not involve the payment-card-reader systems used by Hy-Vee's supermarkets, drugstores or convenience stores. However, Hy-Vee restaurants, including Market Grilles, Market Grille Expresses and the Hy-Vee-operated Wahlburgers locations, are affected.
"Because the investigation is in its earliest stages, we do not have any additional details to provide at this time," Hy-Vee said. "We will provide notification to our customers as we get further clarity about the specific timeframes and locations that may have been involved."
As you might expect, if you've used a credit, debit or charge card at a Hy-Vee gas station, coffeeshop or restaurant in the past year, you should check your account statements and/or account website for unauthorized activity.
The good news is that U.S. credit-card holders are almost never held liable for unauthorized use of stolen credit-card accounts. Debit-card holders have fewer protections. But you'll generally be protected if you immediately report anything amiss to your card issuer (not Visa or Mastercard, but the bank or other entity whose name is on the card).
Hy-Vee, founded in 1930, is based in West Des Moines, Iowa, and operates supermarkets, gas stations, convenience stories, drugstores, restaurants, liquor stores and coffeeshops in Iowa and the neighboring states of Illinois, Kansas, Minnesota, Missouri, Nebraska, South Dakota and Wisconsin.