Perdue, et al. v. Hy-Vee, Inc., No. 1:19-cv-01330-MMM-JEH (C.D. Ill.)
Chimicles Schwartz Kriner & Donaldson-Smith LLP (“CSK&D”) filed this class action lawsuit against Iowa-based supermarket chain Hy-Vee, Inc. (“Hy-Vee”) following its announcement in August 2019 that it detected a security breach in its payment card environment.
The company disclosed that an unauthorized third-party group gained access to Hy-Vee’s payment processing systems using malware at some of its fuel pumps, drive-thru coffee shops, Market Grilles, Market Grille Express, and the Wahlburgers locations that Hy-Vee owns and operates. It also announced that the breach was initially detected on July 29, 2019, and lasted from November 2018 until as late as August 2019.
The information exposed in this data breach may include customer names and payment card information (card numbers, security codes). This sensitive information is highly valuable to criminals. Caches of the stolen data have already been placed for sale on the dark web, where other criminals purchase the data in order to perpetrate identity theft and other frauds. Criminals can also use this stolen information to create counterfeit cards to purchase high-priced items from other retailers.
Plaintiffs filed the Consolidated Second Amended Class Action Complaint on December 30, 2019. Hy-Vee subsequently filed a motion to dismiss the action, and the Plaintiffs have filed their opposition to that motion. Hy-Vee’s reply brief is forthcoming.
[Amended Complaint Button] [MTD Button] [MTD Oppo Button]
CSK&D serves as co-lead counsel for Plaintiffs and the class of consumers who used a payment card at one of the Hy-Vee locations affected by the breach. If you believe you have been impacted by the Hy-Vee data breach, please contact one of the lawyers listed below.