Data stolen from Hy-Vee customers offered for sale on Joker’s Stash Dark Web forum

By: Charlie Osborne

A card dump of 5.3 million accounts may be tied to the recent security breach.

As previously reported by ZDNet, the supermarket chain issued a warning to customers on August 14 which explained that a data breach had occurred at point-of-sale (PoS) systems used by the firm’s fuel pumps, coffee shops, and restaurants including Market Grilles, Market Grille Expresses, and Wahlburgers.

However, PoS systems used by Hy-Vee grocery stores, drugstores, and convenience stores are not believed to have been affected.

Typically, PoS platforms are compromised through the installation of RAM scanners which are able to harvest payment card details once they have been swiped. This stolen data is then remotely transferred to a server controlled by an attacker and may be offered for sale as part of a data dump or used to create clone cards.

It is not known who is behind the data breach, nor how long they were lurking on the firm’s systems. Iowa-based Hy-Vee has launched an investigation and asked customers to keep an eye on their bank statements for fraudulent transactions.

“If you see an unauthorized charge, immediately notify the financial institution that issued the card because cardholders are not generally responsible for unauthorized charges reported in a timely manner,” the company said.

More: https://www.zdnet.com/article/data-stolen-from-hy-vee-customers-offered-for-sale-on-jokers-stash-dark-web-trading-post/