5M cards exposed in supermarket breach

Compromised gas pumps, coffee shops and restaurants operated by Hy-Vee – an Iowa-based company that operates more than 245 supermarkets throughout the Midwest – may have led to over 5 million credit and debit accounts being exposed and sold online.

According to KrebsOnSecurity, Hy-Vee announced earlier this month that was investigating a data breach involving its payment processing systems. Reported restaurants affected include Hy-Vee Market Grilles, Market Grille Expresses and Wahlburgers locations owned and operated by the company.

“Hy-Vee said it believes the breach does not affect payment card terminals used at its grocery store checkout lanes, pharmacies or convenience stores, as these systems rely on a security technology designed to defeat card-skimming malware,” reported Brian Krebs.

Krebs said that the compromised payment data was being advertised last week on a popular underground store for selling stolen credit and debit card information.


continue reading »