On November 25, 2019, CSK&D and its co-counsel filed an amended class action complaint against Hy-Vee related to a recent data breach involving a number of Hy-Vee gas pumps, coffee shop locations (including certain Starbucks coffee shops), Market Grille, Wahlburger, and other restaurant locations between December 2018- July 2019. The Amended Complaint is filed on behalf of eight plaintiffs from five different states- including Iowa, Illinois, Kansas, Minnesota, and Missouri- representing potentially millions of customers affected by the breach.
According to the amended complaint, some of Hy-Vee’s gas pump, coffee shop, and restaurant locations, lacked industry standard encryption systems as opposed to the payment card systems utilized within its grocery store, pharmacy, and convenience store locations. The Data Breach was an inevitable result of the Company’s cavalier approach to data security amid widespread publicity about other recent data security attacks. Even though the Company had disclosed its knowledge of the breach initially in August 2019, the Company only reported the full extent of the breach’s affects in early October 2019. By then, the payment information of those affected by the breach has already been floating around the dark web for nearly two months.
On December 11, 2019, CSK&D was appointed as interim co-lead counsel by the United States District Court for the Central District of Illinois in this case. A copy of the related 23g order can be accessed by clicking here.
If you would like more information about this case, please either fill out the intake form or contact the attorneys below. A copy of the Amended Complaint can also be accessed by clicking here.