The major American grocer bought recently by Amazon, Whole Foods, has been hit by a breach of payment card information across a number of its outlets.
World Foods has said that the stores impacted have restaurants on site and because of this an alternate checkout system.
Since locating the breach, the company has reportedly been working with a cyber security forensics company to investigate, while also working with the police.
It has been made clear that Amazon was not impacted by the breach as it does not have any direct connections to the affected systems.
In a statement on the incident, the Whole Foods said: “Whole Foods Market recently received information regarding unauthorized access of payment card information used at certain venues such as taprooms and full table-service restaurants located within some stores. These venues use a different point of sale system than the company’s primary store checkout systems, and payment cards used at the primary store checkout systems were not affected.”
Databreaches have become so damaging for the reputation of organisations that a prompt, open and robust reaction is essential. World Foods appears to be attempting this with its swift announcement and cybersecurity reaction.
“The company’s investigation is ongoing and it will provide additional updates as it learns more. While most Whole Foods Market stores do not have these taprooms and restaurants, Whole Foods Market encourages its customers to closely monitor their payment card statements and report any unauthorized charges to the issuing bank,” the World Foods statement said.
The recent Equifax databreach that exposed 143 million sets of personal information has resulted in the stepping down of the CIO the CSO and now the CEO, due to the weak response to the colossal breach. Many are now calling for businesses to take a risk management approach to cybersecurity, as they do for numerous other aspects of an organisation.
This article is from the CBROnline archive: some formatting and images may not be present.