Whole Foods Market said customers who paid at the grocer’s in-store bars and restaurants in Bellingham and Bellevue may have had their payment information hacked.
The data breach, which only affects point-of-sale terminals at taprooms and full table-service restaurants, was announced on Sept. 28 but the company did not say which stores were affected until Wednesday.
“Whole Foods Market encourages its customers to closely monitor their payment card statements and report any unauthorized charges to the issuing bank,” the company said in a statement posted to its website.
Payment cards used at the store’s main checkout systems were not affected. Orders at Amazon.com also were not affected.
Whole Foods said the company “recently received information regarding unauthorized access of payment card information” and that it has contacted law enforcement and is getting help from “a leading cyber security forensics firm” to address the issue.