In 2019, the Hy Vee data breach happened. The supermarket chain experienced a data breach and the dangers of malware. How so?
Let us know more about that incident in this article. But let us first get to know Hy Vee.
What is Hy Vee?
Hy Vee is an employee-owned supermarket chain in the Midwestern United States. It was founded in Beaconsfield, Iowa in 1930.
Also, the chain has 245 locations in eight different states and six subsidiaries under it.
Further, some of their chains are full-service supermarkets. With bakeries, pharmacies, coffee kiosks, flower shops, and much more.
Then, Hy Vee has gas stations with convenience stores and fitness centers. They also have full-service restaurants in some of its areas.
So, a company this big has cyberattackers looming around. What happened with the supermarket chain last year?
Hy Vee Data Breach
On August 14 of last year, Hy Vee announced that they are looking into a data breach. One that affects their payment systems and card readers.
They learned of the breach by July and reported it in August.
Then, the affected were some of their gas pumps and drive-thru coffee shops.
Also, some in-store restaurants were affected. Like their Market Grilles and Market Grilles Express. Some Wahlburgers were also affected.
But the data breach did not affect other areas of their business. It did not affect cards used at:
- front checkout lanes
- convenience stores
- liquor stores
- customer service counters
- floral departments
- other food-service areas
This is because these areas have better encryption security systems. Also, its systems rely on technology designed to defeat card-skimming malware.
Further, there were many locations affected. Including 11 from Omaha, 2 in Council Bluffs, and one in Papillion. Other locations were Lincolns, Columbus, Plattsmounts among others.
So, what did the culprits use? Malware.
Dangers of Malware
After two months of investigation, Hy Vee had a conclusion to the data breach. They learned that a point-of-sale or POS malware was behind the breach.
So, this malware exposed customer payment card information from affected areas. Its design is to tap into the payment card info exchanged at the POS device.
Then, the malware will search for track data read from the card used at the POS device. Some data they can copy are:
- cardholder name
- card number
- expiration date
- internal verification code
But in some locations, the malware was not on all POS devices. Also, it did not copy all data from payment cards and not all cards were affected.
Then, as per Hy Vee’s investigation, the breach was discovered in July. But was already present since late-2018 starting as early as November 9.
Thus, they asked for the aid of cybersecurity experts. Hy Vee then removed this malware with the help of these experts. And found ways to better the payment security in affected areas.
They also notified the Federal law enforcement and payment card networks.
After, Hy Vee identified customers that may have been affected by the malware. Then, they notified them by mailing a letter or sending them an email.