Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
A Hy-Vee class action lawsuit claims that the grocer failed to act quickly to protect customers’ information after learning about a data breach.
Lead plaintiff Patricia Davis alleges in her class action lawsuit the Hy-Vee both failed to provide adequate security measures to protect customers’ information from hackers and failed to warn those affected by the massive data breach.
According to the complaint, the data breach occurred over a number of months and affected 5 million customers.
The Hy-Vee data breach class action lawsuit alleges that the grocery store chain runs 245 stores in the Midwest. In addition to groceries, some locations provide additional services, such as pharmacies, florists, prepared food, coffee shops, alcohol, and gas stations.
Davis says that on June 25, 2019, after she purchased prepared food using her debit card at a Hy-Vee location, she became a victim of the data breach.
The plaintiff claims that the grocer released a press release on Aug. 14, 2019 stating that Hy-Vee suffered a “data incident involving its payment processing systems.”
“According to this press release, the Data Breach affected Hy-Vee’s customers who made card purchases at Hy-Vee’s fuel pumps, drive-thru coffee shops, and restaurants, including Hy-Vee Market Grilles, Market Grille Expresses and Wahlburgers locations that Hy-Vee owns and operates but apparently did not affect customers who made card purchases through checkout lines at Hy-Vee grocery stores, drugstores, and convenience stores,” notes the Hy-Vee data breach class action lawsuit.
A second press release issued in October allegedly revealed that the Hy-Vee data breach occurred between Dec. 14, 2018 and July 29, 2019 for fuel pumps, and Jan. 15, 2019 and July 29, 2019 for coffee shops and gas stations.
Davis says that by using Hy-Vee’s “Location Look Up Tool” provided by the store for consumers to identify whether their information had been compromised, she determined that her purchase occurred during the data breach.
The Hy-Vee data breach class action lawsuit alleges that the grocery store chain failed to implement proper encryption technology to secure customer information at fuel pumps and coffee shops. As a result, says the complaint, Davis’ and other consumers’ debit card information and names are available for sale at $17 to $35 each.
“The risk of data breaches like the one that affected payment card purchases at Hy-Vee’s fuel pumps, drive-thru coffee, and restaurants is well-known,” contends the complaint. “Indeed, upon information and belief, Hy-Vee adopted point-to-point encryption security measures for payment card purchases at its checkout lines in its grocery stores with the express purpose of avoiding such data breaches.”
Further, argues the Hy-Vee data breach class action lawsuit, the chain was well aware of the problem for months before it informed affected consumers.
In addition, Hy-Vee failed to provide any credit monitoring services to affected consumers, instead telling them to monitor their accounts and inform their financial institutions “because cardholders are not generally responsible for unauthorized charges reported in a timely manner.”
A second Hy-Vee data breach class action lawsuit was reportedly filed by a Kansas City man who makes the same allegations.
Davis seeks to represent a nationwide Class of consumers who made purchases at a Hy-Vee and whose credit or debit card information was affected by the data breach.
Was your payment card information affected by the Hy-Vee data breach? Tell us more about it in the comments below.
The plaintiff is represented by Shpetim Ademi, John D. Blythin, Mark A. Eldridge, and Jesse Fruchter of Ademi & O’Reilly LLP and Ben Barnow and Erich P. Schork of Barnow and Associates PC.
The Hy-Vee Data Breach Class Action Lawsuit is Davis v. Hy-Vee Inc., Case No. 3:19-cv-00941, in the U.S. District Court for the Western District of Wisconsin.
ATTORNEY ADVERTISING
Top Class Actions is a Proud Member of the American Bar Association
LEGAL INFORMATION IS NOT LEGAL ADVICE
Top Class Actions Legal Statement
©2008 – 2024 Top Class Actions® LLC
Various Trademarks held by their respective owners
This website is not intended for viewing or usage by European Union citizens.
15 thoughts onHy-Vee Class Action Alleges Slow Response to Data Breach
Thanks TCA.. I got $40 in mail.
Add me
Add me. I had to get a new card because of this
Add me too
Add me