The information in question was used at taprooms and full-service restaurants located within some stores. These venues use a different point of sale (POS) system than the company’s primary store checkout systems, and payment cards used at the primary store checkout systems were not affected.
The company said that once the breach was discovered, it launched an investigation, hired a leading cybersecurity forensics firm and contacted law enforcement. Whole Foods is assuring customers that it is taking appropriate measures to address the issue.
Whole Foods was acquired by Amazon earlier this year, but the Amazon systems do not connect to the systems at Whole Foods Market, and transactions on the eCommerce giant’s site have not been impacted.
The investigation is ongoing and Whole Foods will provide additional updates as it learns more. While most stores do not have these taprooms and restaurants, the company is encouraging customers to closely monitor their payment card statements for any unauthorized charges.
This is just the latest payment security breach consumers need to worry about, with the biggest being Equifax’s massive hack that has impacted about 143 million Americans.