Whole Foods Market Latest Victim of Payment Card Breach

Whole Foods Market announced on Thursday that it is investigating unauthorized access of payment card information used at certain venues such as taprooms and full table-service restaurants located within some stores. According to a company release, the specific venues that fell victim to the hack, use a different point of sale system than the one used at the primary store checkout areas. The company states that those checkout terminals were not affected in this breach.

The announcement of the security compromise by Whole Foods, which recently was acquired by mega-online retailer/digital giant, Amazon, makes the company the latest in a surge of hospitality breaches, among them: Sonic, Wendy’s and Chipotle.

The Sonic Drive-In breach was carried out in a similar way to that of the attack on Whole Foods.  

The company’s released statement reveals that upon learning of the compromise, the company launched an investigation, obtained the help of a leading cyber security forensics firm, contacted law enforcement, and is taking appropriate measures to address the issue. The investigation is ongoing and Whole Foods Markets plans to provide additional updates as it learns more.

The company’s released statement also stresses that while most Whole Foods Market stores do not have these taprooms and restaurants, all customers are encouraged to closely monitor their payment card statements and report any unauthorized charges to the issuing bank. The company release also notes that Amazon.com systems do not connect to the affected systems at Whole Foods Market and therefore transactions on Amazon.com have not been impacted.