Whole Foods Market investigating payment card breach

Supermarket chain says taprooms and full table-service restaurants are the source of unauthorized card access

Whole Foods Market
Whole Foods Market

Whole Foods Market, a supermarket chain that specializes in items that don't contain artificial preservatives, colors, etc. said on Thursday they’re investigating a payment card breach at the venues of some stores where taprooms and full table-service restaurants are located.

The company statement was brief, and didn't offer any details as to what stores are impacted. Globally, Whole Foods Market has nearly 500 stores in the U.S., U.K., and Canada. It also isn't known what type card data was impacted, or when the incidents occurred.

"Whole Foods Market recently received information regarding unauthorized access of payment card information used at certain venues such as taprooms and full table-service restaurants located within some stores," a company statement said.

"When Whole Foods Market learned of this, the company launched an investigation, obtained the help of a leading cyber security forensics firm, contacted law enforcement, and is taking appropriate measures to address the issue."

It's important to note, the payment systems affected by the incident being disclosed are separate from those used at the primary checkout systems in the stores.

Also, Amazon.com systems are not connected to the systems being investigated, and Amazon.com transactions are not impacted, the company said.

"The company’s investigation is ongoing and it will provide additional updates as it learns more. While most Whole Foods Market stores do not have these taprooms and restaurants, Whole Foods Market encourages its customers to closely monitor their payment card statements and report any unauthorized charges to the issuing bank," the company statement concluded.

This is a developing story and it will be updated as more information is made available.

Update: Included additional details, and references to Amazon.com transactions. Clarified that the investigation is currently focused on the venues at some stores where taprooms and full table-service restaurants are located.

New! Download the State of Cybercrime 2017 report