Des Moines, IA (KHQA)- A class-action lawsuit has been filed in Illinois against Hy-Vee following a data breach that put the information of millions of customers at risk.
The grocery store chain notified its customers in August about a potential payment card data breach that involved “payment processing systems … at some Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants.”
In October, it released a follow-up statement, which explained that malware was found in the card readers at the previously mentioned systems and had been taking customer card information as far back as November 2018 to July 2019.
The most recent statement also added that the malware has been removed and additional steps are being taken to improve security.
The lawsuit against Hy-Vee says that the company not only failed to adequately protect against data breaches but also failed to provide any “meaningful assistance” to customers in recovering possible losses from the malware.
The lawsuit claims that Hy-Vee left millions vulnerable to fraud and identity theft by taking so long to respond.
The lawsuit requests the court to award the plaintiffs, among other things, “appropriate monetary relief,” including actual damages and restitution.
