Whole Foods Warns Shoppers of a Data Breach

By
The company says it will provide new updates “as it learns more.” Photo: Drew Anthony Smith/Getty Images

Bad news for Whole Foods growler-station regulars: Your personal data may have fallen into hackers’ hands. The company says that it “received information regarding unauthorized access of payment card information” at some of its taprooms and in-store restaurants with table service. Affected restaurants aren’t those in a store’s upstairs food court — think like The Roof at Brooklyn’s Gowanus location, or the Kogi that Roy Choi opened last year in an L.A. Whole Foods. These spots rely on a different point-of-sale system than the one grocery checkout counters use.

In an official statement, the company notes it’s brought in a “leading cyber security forensics firm” to investigate, and has also contacted law enforcement. “Most” stores don’t have taprooms or that kind of restaurant, it reassures nervous shoppers, but customers are still encouraged to “closely monitor their payment card statements and report any unauthorized charges.” Whole Foods didn’t say how many stores were affected in all. But at least 40 of them serve beer on tap, and earlier this year the company boasted it’s now up to “30 full-service restaurants” and some “250 quick-service concepts” nationwide.

The notice also stresses that online Amazon purchases “do not connect to these systems at Whole Foods,” so Jeff Bezos would like you to relax — all those Prime transactions aren’t putting your personal info at risk. However, it might be worth remembering that Amazon itself is now listening if you broke down and bought one of those heavily discounted “farm fresh” Echos that Whole Foods was selling on produce aisles.

Whole Foods Warns Shoppers of a Data Breach