August 14, 2019
December 14, 2018 to July 29, 2019
Payment card: number, expiration date, and internal verification code
Unknown number of affected individuals including an unknown number of Wisconsin residents.
On July 29, 2019, Hy-Vee Inc. detected unauthorized activity on some of their payment processing systems. Hy-Vee conducted an investigation and found malware designed to access payment card data from cards used on point-of-sale (“POS”) devices at certain Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants.
The general timeframe when data from cards used at Hy-Vee locations may have been accessed is December 14, 2018, to July 29, 2019 for fuel pumps and January 15, 2019, to July 29, 2019, for restaurants and drive-thru coffee shops.
Specific Wisconsin Hy-Vee locations and timeframes related to this incident:
Market Grille, 3801 E. Washington, Madison, WI 53704
January 15, 2019 - June 30, 2019
Market Grille, 675 S. Whitney Way, Madison, WI 53711
January 15, 2019 - July 17, 2019
Hy-Vee can be contacted at (833) 967-1091 Monday through Friday between 8:00 a.m. and 8:00 p.m. CT.
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at