The Whole Foods Market operation of e-commerce giant Amazon said credit card data has been swiped from its in-store restaurants and taprooms but not from the grocery side of the business.
The supermarket chain also stressed that the breach did not extend to information on customers of Amazon.com, its parent company’s core business.
Few Whole Foods branches have restaurants, the chain said. Those that do feature eateries have separate POS networks for the two businesses, it explained.
The security problem comes a few weeks after Amazon bought Whole Foods for $13.7 billion as its entry into the brick-and-mortar foods business. Part of the attraction, according to many analysts of the deal, was the opportunity to obtain data on Whole Foods’ customer base.
Whole Foods did not reveal the extent of the breach, saying the investigation is ongoing.