Whole Foods data breach

Next story
Olivia Storey

Whole Foods is the latest major US company to suffer a data breach, with hackers targeting point-of-sale systems.

‘Data breach’ seems to be an expression that is being heard far too frequently these days, and could possibly even have become diluted in how serious it may be, due to just how often companies seem to find their cyber security compromised and customers data stolen.

Just because the news is highlighting just how often cyber criminals can compromise unsecure businesses, doesn’t make it any less serious.

The American company, Whole Foods, recently acquired by Amazon, saw hackers gain access to financial information of customers who had made purchases at their taprooms and restaurants.

The point-of-sale, or POS, systems were targeted to steal the customers’ data, which would later be sold on the dark web to make a profit.

The retail only stores and Amazon.com users were unaffected as they use different POS systems.

It is not stated how many customers have been affected, or which stores were involved, but Whole Foods is advising every customer to check their credit card statement for any unauthorised charges.

Mark James, ESET IT Security Specialist, discusses the severity of data hacks and how you can protect yourself in the event of a data breach involving your personal or financial details.

“Another day, another data breach!

“I hear you say, surely there is no data left to be hacked, so much of our data seems to be leaking onto the internet that another load won’t make a lot of difference right? Wrong.

“Every single piece of our data that makes its way onto a criminals list or into a database of our most precious private data is another attack vector for a malicious actor.

“Cancelling our credit cards is not hard, usually if we have not been completely negligent then getting the funds refunded is also not difficult, but trying not to get scammed or be a victim of a phishing attack is not so easy.

“Even though Whole Foods may not ring bells themselves when the email arrives, their association with Amazon may be the big draw here.

“It’s quite probable we will see phishing attacks using both brand names trying to get you to follow the link or download something to ‘verify’ your details.

“As with all cases like this be very vigilant about keeping an eye on your finances. Small transactions might just be criminals testing the card to see if it works. If you find anything out of the ordinary then contact your bank immediately.”

Have you spotted any phishing attacks using Whole Foods or Amazon? Let us know on Twitter @ESETUK.

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.