The breach occurred on the payment system used by taprooms and table service restaurants located within some Whole Foods stores. The company said the payment system used for grocery purchases was not affected and consumers who did not charge purchases at taprooms and table service restaurants are not affected.
"When Whole Foods Market learned of this, the company launched an investigation, obtained the help of a leading cyber security forensics firm, contacted law enforcement, and is taking appropriate measures to address the issue," Whole Foods said in a statement.
The revelation comes in the same week that SONIC reported a breach of its payment system at some of its more than 3,500 U.S. locations. Both incidents have occurred in the aftermath of Equifax's massive data breach, which has heightened consumer concerns about identity theft.
Amazon not affected
In its statement, Whole Foods did not disclose how many accounts may have been exposed to hackers, or when the breach might have occurred. It did say that Amazon.com systems do not connect to the Whole Food network and that Amazon.com transactions are not affected.
Not all Whole Foods stores have taprooms and restaurants. Even so, the company is encouraging customers who have used credit or debit cards at these stores to closely monitor their accounts to look for signs of fraudulent use.
As an additional step, consumers who have used cards at Whole Foods taprooms and restaurants should notify their card issuer so that precautionary steps can be taken.
Whole Foods says the investigation into this cyber breach is still underway and that it will provide additional details as it learns them.