Customers who used credit or debit cards at taprooms or full-service restaurants in Whole Foods stores should check their accounts.
Whole Foods said in a statement this week that customers who visited certain stores were hacked. We won't know more until Whole Foods progresses in its own investigation; how long that may take isn't known. Whole Foods released a statement on Thursday announcing that the grocery chain "received information regarding unauthorized access of payment card information" used at some locations, and that the authorities would begin investigating the breach.
Whole Foods could not be immediately reached for comment about how many of its supermarkets have restaurants, but it reportedly has more than 40 taprooms, or bar areas. As soon as it discovered the breach, Whole Foods launched an investigation into the matter, contacted law enforcement, and brought in "a leading cyber security forensics firm" to help. In an increasingly challenged market, being seen as the grocery store of the elite was bad for business.
World Foods has said that the stores impacted have restaurants on site and because of this an alternate checkout system.
The in-store taprooms and restaurants use a different payment gateway than Whole Foods checkout.
And Amazon, which sealed its $13.5 billion deal to buy the high-end grocer in August, does not link its network to those Whole Foods systems. This story will be updated as more information is made available.