Hy-Vee Whitney Way store, 2013 State Journal photo

The Hy-Vee grocery store at 765 S. Whitney Way in Madison in 2013.

WEST DES MOINES, Iowa — Hy-Vee says it is in the “earliest stages” of an investigation into whether payment card data was breached at some of its fuel pumps, drive-thru coffee shops and restaurants.

The grocer announced Wednesday it recently detected unauthorized activity at some of its payment processing systems and “immediately” began an investigation with assistance from leading cybersecurity firms.

Company officials also alerted federal law enforcement and the payment card networks, the company said in a news release.

Hy-Vee said it believes its actions have stopped the unauthorized activity on its payment processing systems.

The company’s systems for the fuel pumps, coffee shops and restaurants — including Market Grilles, Market Grille Expresses and Wahlburgers locations — lack the encryption technology that renders card data unreadable at its grocery stores, drugstores and convenience stores, which are not believed to be involved in the potential breach.

Transactions processed through Aisles Online, Hy-Vee’s online grocery ordering platform, also are not involved, the company said.

Hy-Vee did not indicate specific time frames or locations Wednesday but said it will notify customers once further details emerge.

The company is based in West Des Moines and operates more than 240 retail stores in eight Midwestern states: Illinois, Iowa, Kansas, Minnesota, Missouri, Nebraska, South Dakota and Wisconsin.

HyVee has stores at 675 S. Whitney Way and 3801 E. Washington Ave. in Madison, and 2920 Fitchrona Road in Fitchburg.


We'll give you the Business

Sign up for the free Business Briefing email!

* I understand and agree that registration on or use of this site constitutes agreement to its user agreement and privacy policy.