DES MOINES, Iowa (AP) – An Iowa-based grocery chain says reports of hacked customer account information are known to be sold online.
The Des Moines Register was the first to report credit and debit card information to some Hy-Vee customers being sold on a website for $ 17 to $ 35 apiece.
Hy-Vee issued a statement to the KCCI station stating that it is aware of reports of the stolen information being sold and working with payment card networks to identify the cards and work with issuing banks.
Earlier this month, Hy-Vee acknowledged that it detected unauthorized activity on some of its payment systems related to card payments at Hy-Vee restaurants, fuel pumps and driving through coffee shops. The company does not believe the breach extended to payment systems used in grocery stores, pharmacies and convenience stores.
Hy-Vee operates more than 240 retailers throughout Illinois, Iowa, Kansas, Minnesota, Missouri, Nebraska, South Dakota, and Wisconsin.
Information provided by: Des Moines Register, http://www.desmoinesregister.com