If it's any consolation, Whole Foods says it's on the case: It's "taking appropriate measures to address the issue" by enlisting the "help of a leading cyber security forensics firm" and working with law enforcement to hopefully prevent further incidents.
The company continued, saying customers should contact their banks if they suspect anything:
"While most Whole Foods Market stores do not have these taprooms and restaurants, Whole Foods Market encourages its customers to closely monitor their payment card statements and report any unauthorized charges to the issuing bank."
Whole Foods, which was acquired by tech giant Amazon for $13.7 billion earlier this year, has 449 stores in the United States, including 40 taprooms, according to CNET. So far, it's unclear which store locations were targeted. While the merger has caused a price-slashing frenzy across stores this summer, there's no indication whether the partnership and Amazon's vast resources will lead to enhanced cyber security at Whole Foods going forward.