Hy-Vee is now specifying the time frame in which data was being accessed during a data breach. Between Dec. 14, 2018, and July 29, 2019, fuel pumps were being accessed. Restaurants and drive-thru coffee shops were being accessed between Jan. 15, 2019, and July 29, 2019. "There are six locations where access to card data may have started as early as November 9, 2018, and one location where access to card data may have continued through August 2, 2019," said Hy-Vee representatives in a news release. A list of locations and times can be found at www.hy-vee.com/paymentcardincident. Hy-Vee announced in August that it was investigating a “payment card data incident” involving its payment processing systems.The company said in a news release that the security incident involves payment processing systems at some Hy-Vee fuel pumps, drive-thru coffee shops, Market Grilles, Market Grille Expresses and the Wahlburgers locations that Hy-Vee owns and operates.Hy-Vee said it detected unauthorized activity in some of its payment processing systems.Law enforcement agencies are involved in the investigation.The company said it,"takes the security of payment card data very seriously" and will provide more information as the investigation continues.Hy-Vee encouraged shoppers to closely monitor payment card statements and to notify financial institutions of any unauthorized charges. The company is based in West Des Moines and operates more than 240 retail stores in eight Midwestern states: Illinois, Iowa, Kansas, Minnesota, Missouri, Nebraska, South Dakota and Wisconsin.