Multiple sources tell KrebsOnSecurity that the card data came from compromised gas pumps, coffee shops and restaurants operated by Hy-Vee. The card data is now being sold under the code name Solar Energy, at the infamous Jokers Stash carding bazaar. The company says it believes the breach does not affect payment card terminals used at its grocery store checkout lanes, pharmacies or convenience stores, as these systems rely on a security technology designed to defeat card-skimming malware.”]