A West Des Moines, Iowa-based grocery chain that also operates restaurants, fuel-pumps and drive-thru coffee shops is warning its customers about a security incident involving some of its payment card systems.
In a notice posted to its website on August 14, 2019, Hy-Vee warned that it had detected unauthorized activity on some of its payment processing systems. It believes that actions since taken has stopped this activity.
The problem is focused on the restaurants, fuel-pumps and drive-thru coffee shops. Payment systems in its grocery stores, drugstores and convenience stores use point-to-point encryption systems are not believed to be involved.
There are no details on the type of attack, although it has been reported to law enforcement. Outside security firms have been engaged to help Hy-Vee's investigation. "Because the investigation is in its earliest stages," stated Hy-Vee, "we do not have any additional details to provide at this time. We will provide notification to our customers as we get further clarity about the specific timeframes and locations that may have been involved."
Since Hy-Vee talks about 'locations that may have been involved', the implication is that the attack is against individual card readers rather than the back-end systems handling all the devices (as with Magecart). This suggests local card skimming through a planted skimming device rather than systems hacking.
"Given the location for the attack point includes pay-at-the-pump point of sale terminals and drive thru facilities," comments Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Centre, "the threat model for such locations will include the ability for someone to physically tamper with the terminal itself. A perfect example of s ..
Support the originator by clicking the read the rest link below.
