TOP CYBER NEWS

  • HOME
  • ATTACKS
  • MALWARES
  • STRATEGIES
  • THREATS
    • Threat Defense
    • Threats Analysis

Incident Of The Week UPDATE: Hy-Vee Details Investigation Into 2019 Payment Card Data Breach

by Top Cyber News / Saturday, 05 October 2019 / Published in Malware

Midwestern U.S. retailer Hy-Vee disclosed investigation findings this week from a data breach announced in mid-August impacting millions of customers utilizing its food and service point-of-sale (PoS) transaction machines.

The investigation identified the operation of malware designed to access payment card data from cards used on PoS devices at certain Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants (which include the company’s Hy-Vee Market Grilles, Hy-Vee Market Grille Expresses and the Wahlburgers locations that Hy-Vee owns and operates). The Hy-Vee corporate cafeteria in West Des Moines, Iowa was also part of the malware infestation.

The malware searched for track data (which sometimes has the cardholder name in addition to card number, expiration date, and internal verification code) read from a payment card as it was being routed through the PoS device. However, for some locations, the malware was not present on all PoS devices at the location, and it appears that the malware did not copy data from all of the payment cards used during the period that it was present on a given PoS device. The investigation found no indication that other customer information was accessed.

See Related: Incident Of The Week: Millions Of Hy-Vee Customer Payment Cards Appear For Sale Online

The specific timeframes when data from cards used at these locations involved may have been accessed vary by location over the general timeframe beginning December 14, 2018, to July 29, 2019 for fuel pumps and beginning January 15, 2019, to July 29, 2019, for restaurants and drive-thru coffee shops. There are six locations where access to card data may have started as early as November 9, 2018, and one location where access to card data may have continued through August 2, 2019. A list of the locations involved and specific timeframes is accessible from the company’s website. Hy-Vee is also sending notification to affected customers where contact information is available.

Payment card transactions were not involved at Hy-Vee front-end checkout lanes; inside convenience stores; pharmacies; customer service counters; wine & spirits locations; floral departments; clinics; and all other food service areas which utilize point-to-point encryption technology, as well as transactions processed through Aisles Online.

During the investigation, the company worked with cyber security experts to remove the malware and implement enhanced security measures, and it continues to work to evaluate additional ways to enhance the security of payment card data. In addition, Hy-Vee continues to support law enforcement’s investigation and it is working with the payment card networks so that the banks that issue payment cards can be made aware and initiate heightened monitoring.

Background On The Initial Data Breach Disclosure

An online carding bazaar transaction of 5.3 million payment card details corroborated recent reports that Midwestern U.S. retailer Hy-Vee customers paying at the store’s fuel pumps, coffee shop drive-thrus, and restaurants could have fallen victim to the attack and subsequent data breach.

Hy-Vee operates more than 240 retail stores in eight Midwestern states, including Illinois, Iowa, Kansas, Minnesota, Missouri, Nebraska, South Dakota and Wisconsin. In August, the company announced it was investigating a payment card incident at some Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants where unauthorized activity on some of its payment processing systems had been detected.

These Hy-Vee locations have different PoS systems (allowing for the card to be swiped rather than inserted and requiring additional user security input) than those located at the company’s grocery stores, drugstores, and inside its convenience stores, which utilize point-to-point encryption technology for processing payment card transactions. This point-to-point encryption technology protects card data by making it unreadable.

See Related: Incident Of The Week: 567K Accounts Exposed In Cheddar’s Restaurant Breach

The online “dump” of payment card data appeared online under the breach codename “Solar Energy,” according to reports and images shared with blog Krebs on Security. Dump purchasers receive a file that can push out values to reprogrammable dummy credit card magnetic strips and replicate the physical card to perform fraudulent transactions.

Retailers have consistently remained a leading target for payment card fraud. As retail brands implement more security practices, we hear less about the “big box” stores, such as Dixons Carphone UK, Target, and Walmart, reporting these data breaches. Regional chains, such as Hy-Vee, become higher-value targets for attackers.

See Related: Cyber Pros Offer Insight On Credit Card Fraud, Mobile Payments & Data Scandal

cyber_payment_card_Hundreds of millions of credit cards and debit cards are in circulation within the United States. The transition from swiping the card’s magnetic strip to requiring a chip + PIN combination (EMV) has essentially been completed. However, the point-of-sale transaction machines have not been mandated to make the conversion. The risk of skimming (double swiping to “skim” the card info into a separate database) still exists at fuel pumps and other legacy transaction terminals.

PCI transaction compliance has demonstrated resiliency for payment card transactions that adhere to the EMV chip + PIN authorization process. The combination of skimming and non-chip PoS terminals remains a channel for attackers to gleam payment card data from unsuspecting users.

See Related: Top 5 Cyber Security Breaches Of 2019 So Far



Post Views: 279
Tagged under: 2019, Breach, Card, data, Details, HyVee, Incident, Investigation, Payment, Update, Week

What you can read next

Incident Of The Week: Drupal Vuln. Being Exploited By ‘Muhstik’ Botnet
Remove the Click allow to verify that you are not a robot page
Incident Of The Week: Checkers Restaurants Details Data Breach

16 Comments to “ Incident Of The Week UPDATE: Hy-Vee Details Investigation Into 2019 Payment Card Data Breach”

  1. http://www.Plazoo.com/ says :Reply
    October 5, 2019 at 6:20 AM

    I drop a comment each time I especially enjoy a article on a site or if I have something to add
    to the discussion. It is triggered by the passion communicated
    in the post I looked at. And after this post Incident Of The Week UPDATE: Hy-Vee Details Investigation Into 2019 Payment Card Data Breach –
    TOP CYBER NEWS. I was moved enough to leave a comment 🙂
    I actually do have 2 questions for you if it’s allright.
    Is it only me or does it appear like a few of these comments look like they are written by brain dead individuals?
    😛 And, if you are posting on additional sites, I would like to follow you.

    Could you list every one of all your public
    sites like your Facebook page, twitter feed,
    or linkedin profile?

  2. ปั้มไลค์ says :Reply
    October 5, 2019 at 7:12 AM

    Like!! I blog quite often and I genuinely thank you for your information. The article has truly peaked my interest.

  3. world record says :Reply
    October 11, 2019 at 9:06 PM

    I’m Geneva (22) from Beverlo, Belgium.
    Ӏ’m learnning Dutch literature аt a local college and I’m
    just about to graduate.
    Ι haѵе a part time job iin a university. https://myinfoseruku.blogspot.com

  4. https://letmejerk.com says :Reply
    October 20, 2019 at 10:13 AM

    Hello mates, іts impressive article concewrning tutoringand fսlly explained, ҝeep іt up all tһe
    time.

  5. Cameroon Music says :Reply
    October 27, 2019 at 12:38 PM

    If you love to download music, grab all lastest hits for free
    Stream and Download Latest Mp3 and Albums Free from Mybebine

  6. 우체국 실손보험 says :Reply
    October 30, 2019 at 10:40 AM

    Everyone loves what you guys are usually up too. This type
    of clever work and exposure! Keep up the great works guys I’ve incorporated you guys to our blogroll. http://xn--3e0br9shkdnqbe0ltkgw7atzy5vu.kr/

  7. Free Themes says :Reply
    November 3, 2019 at 7:31 AM

    Most Downloaded Null Opencart Plugins and Mobile Nulled Vbulletin Extensions.

    Order Manager null Themes, WpDefender Pro nulled Theme,
    Betheme null Plugins, Free Download IpBoard Modules and Simpe
    Null WordPress Plugins, Free Download Xenforo Extensions and Best Pro Version Prestashop Plugins, Full Version WordPress Plugins and Flat Null Data Life Engine Templates
    also for errors of laravel http://drsaurabhaoncologist.com/what-are-some-well-known-professional-web-design-companies-answerscom

  8. cat hat says :Reply
    November 14, 2019 at 1:05 AM

    hello there and thank you for your info ? I have definitely picked up something new from right here.
    I did however expertise some technical issues using this site, as I experienced to reload
    the website a lot of times previous to I could get it to load correctly.
    I had been wondering if your web host is OK? Not that I am complaining, but
    slow loading instances times will often affect your placement in google
    and could damage your high-quality score if ads and marketing with Adwords.
    Anyway I?m adding this RSS to my email and could look out for
    a lot more of your respective intriguing content. Ensure
    that you update this again soon..

  9. hàng đồng giá vĩNh long says :Reply
    November 14, 2019 at 6:56 AM

    It’s genuinely very complex in this active life to listen news on TV, therefore
    I only use the web for that purpose, and obtain the
    latest news.

  10. nguồn hàng bán buôn vĩnh Long says :Reply
    November 14, 2019 at 11:52 AM

    I think this is among the most important info for me.
    And i am glad studying your article. But wanna observation on some basic things, The web
    site taste is great, the articles is in point of fact nice :
    D. Excellent process, cheers

  11. Nguồn hàng vĩnh long says :Reply
    November 14, 2019 at 2:18 PM

    I delight in, cause I found just what I was taking a look for.

    You’ve ended my four day lengthy hunt! God Bless you man. Have a great day.
    Bye

  12. Edythe says :Reply
    November 15, 2019 at 12:53 AM

    I have to thank you for the efforts you have put in writing this website.
    I’m hoping to check out the same high-grade blog posts from
    you later on as well. In fact, your creative writing abilities has motivated me to get my own website now 😉

  13. android browser says :Reply
    November 23, 2019 at 1:40 PM

    Aon Adblock Plus is the most android mini browser and its the
    best alternative of Opera Mini
    Aon Adblock Plus browser for Android is mini browser that blocks all
    annoying ads all over the web: remove video ads, popups and banners.
    Browse faster, safer without ads android browser.
    Save your data, battery and time by using Aon Ad block plus mini browser.

    Browser for Android : Aon presents best web reading experince thanks to its ad filter capabilities.
    You will look at the web, cosily in your opera box not on an ordinary seat.

    It has special filters for rectangle, leaderboard, half page, skyscrapper, interstitial, square, billboard, panorama and other banner / ads
    types .
    Browse privately – Incognito Mode – We all have pages we don’t want to remember visiting.

    If you don’t want something saved in your history, you can browse incognito with private tabs.

    For Tablets Aon also developed for android tablets. You will have a fast one of web browsers for android
    tablets that support 3G or 4G connection. It doesnt matter 3G, 4G, 5G. http://edytem.univ-savoie.fr/gfg/spip.php?page=recherche&recherche=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dtr.abak.simsekTarayici&submit.x=0&submit.y=0&lang=fr

  14. wormateio gameplay says :Reply
    December 2, 2019 at 9:14 PM

    Pretty section of content. I just stumbled upon your blog and in accession capital to assert that I acquire
    in fact enjoyed account your blog posts. Anyway
    I will be subscribing to your augment and even I achievement you access consistently quickly.

  15. Android Apps says :Reply
    December 7, 2019 at 5:57 AM

    Top Mobile Apps with mods. Android Apps (Phillipp) .Direct and easy downloads.
    Reviews and comments. http://www.adamziani.com/Best_Live_TV_Streaming_Services_For_Cord_Cutters_In_2019

  16. nguồn hàng bán buôn says :Reply
    December 8, 2019 at 12:17 AM

    Nice blog! Is your theme custom made or did you download it from somewhere?
    A design like yours with a few simple adjustements would really make my blog shine.
    Please let me know where you got your design. Thanks a lot

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • How Attackers Used Look-Alike Domains to Steal $1 …

    Money meant to fund an Israeli startup wound up...
  • Data Center Provider CyrusOne Confirms Ransomware …

    The attack struck CyrusOne’s managed serv...
  • Senators Call for End to Controversial NSA Program

    The program for collecting telephone call metad...
  • Preparing The Secure Enterprise By Becoming Your Enemy

    Addressing The Challenges Of Securing Dynamic S...
  • VPN Flaw Allows Criminal Access to Everything on Victims' Computers

    Vulnerability in the Aviatrix VPN client, since...

Flights & Hotel Finder

Archives

  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • July 2014
  • June 2014
  • May 2014
  • July 2013
  • January 2013
  • May 2011

Categories

  • Attacks
  • Cyber Security
  • Malware
  • RESOURCES
  • Strategies
  • Threat Defense
  • Threats
  • Threats Analysis

Mission

We aim to provide you the most recent updates and news on cyber matters in this digital world.

Reach us via: [email protected]

© 2018. All rights reserved by Top Cyber News.
Creative Commons License

TOP