Midwestern U.S. retailer Hy-Vee disclosed investigation findings this week from a data breach announced in mid-August impacting millions of customers utilizing its food and service point-of-sale (PoS) transaction machines.
The investigation identified the operation of malware designed to access payment card data from cards used on PoS devices at certain Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants (which include the company’s Hy-Vee Market Grilles, Hy-Vee Market Grille Expresses and the Wahlburgers locations that Hy-Vee owns and operates). The Hy-Vee corporate cafeteria in West Des Moines, Iowa was also part of the malware infestation.
The malware searched for track data (which sometimes has the cardholder name in addition to card number, expiration date, and internal verification code) read from a payment card as it was being routed through the PoS device. However, for some locations, the malware was not present on all PoS devices at the location, and it appears that the malware did not copy data from all of the payment cards used during the period that it was present on a given PoS device. The investigation found no indication that other customer information was accessed.
The specific timeframes when data from cards used at the locations involved may have been accessed vary by location. The general timeframe runs from December 14, 2018, to July 29, 2019, for fuel pumps and from January 15, 2019, to July 29, 2019, for restaurants and drive-thru coffee shops. There are six locations where access to card data may have started as early as November 9, 2018, and one location where access to card data may have continued through August 2, 2019. A list of the locations involved and specific timeframes is accessible from the company’s website. Hy-Vee is also sending notification to affected customers where contact information is available.
Payment card transactions were not involved at Hy-Vee front-end checkout lanes; inside convenience stores; pharmacies; customer service counters; wine & spirits locations; floral departments; clinics; and all other food service areas which utilize point-to-point encryption technology, as well as transactions processed through Aisles Online.
During the investigation, the company worked with cyber security experts to remove the malware and implement enhanced security measures, and it continues to work to evaluate additional ways to enhance the security of payment card data. In addition, Hy-Vee continues to support law enforcement’s investigation and it is working with the payment card networks so that the banks that issue payment cards can be made aware and initiate heightened monitoring.
Background On The Initial Data Breach Disclosure
An online carding bazaar transaction of 5.3 million payment card details corroborated recent reports that Midwestern U.S. retailer Hy-Vee customers paying at the store’s fuel pumps, coffee shop drive-thrus, and restaurants could have fallen victim to the attack and subsequent data breach.
Hy-Vee operates more than 240 retail stores in eight Midwestern states, including Illinois, Iowa, Kansas, Minnesota, Missouri, Nebraska, South Dakota and Wisconsin. In August, the company announced it was investigating a payment card incident at some Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants where unauthorized activity on some of its payment processing systems had been detected.
These Hy-Vee locations have different PoS systems (allowing for the card to be swiped rather than inserted and requiring additional user security input) than those located at the company’s grocery stores, drugstores, and inside its convenience stores, which utilize point-to-point encryption technology for processing payment card transactions. This point-to-point encryption technology protects card data by making it unreadable.
The “dump” of payment card data appeared online under the breach codename “Solar Energy,” according to reports and images shared with the blog Krebs on Security. Dump purchasers receive a file that can push out values to reprogrammable dummy credit card magnetic strips and replicate the physical card to perform fraudulent transactions.
Retailers have consistently remained a leading target for payment card fraud. As retail brands implement more security practices, we hear less about the “big box” stores, such as Dixons Carphone UK, Target, and Walmart, reporting these data breaches. Regional chains, such as Hy-Vee, become higher-value targets for attackers.
Hundreds of millions of credit cards and debit cards are in circulation within the United States. The transition from swiping the card’s magnetic strip to requiring a chip + PIN combination (EMV) has essentially been completed. However, the point-of-sale transaction machines have not been mandated to make the conversion. The risk of skimming (double swiping to “skim” the card info into a separate database) still exists at fuel pumps and other legacy transaction terminals.
PCI transaction compliance has demonstrated resiliency for payment card transactions that adhere to the EMV chip + PIN authorization process. The combination of skimming and non-chip PoS terminals remains a channel for attackers to glean payment card data from unsuspecting users.