Natural Grocers Investigates Possible Data Breach

Natural Grocers by Vitamin Cottage is investigating a possible data breach involving an “unauthorized intrusion targeting limited customer payment data,” according to a company statement.

The grocery retailer has not received reports of fraudulent card use from any customer, credit card company or financial institution. In a statement published on the company web site, Natural Grocers indicated: “There is no evidence that PIN numbers or card verification codes were accessed. Finally, no personally identifiable information, such as names, addresses or Social Security numbers, was involved, as the company does not collect that data as part of its payment processing system.”

However, security blogger Brian Krebs indicated that financial industry sources have traced a fraudulent pattern on customer credit and debit cards, suggesting that hackers have accessed cash registers at Natural Grocers locations throughout the country. The pattern indicates that card data stolen from the retailer has already been sold through underground cybercrime networks.


The cyberattacks began prior to Christmas 2014, when hackers attacked weaknesses in the company’s database servers. From there, the attackers moved laterally within the retailer’s internal network, eventually planting card snooping malware on POS systems.

Natural Grocers hired a third-party data forensics firm to investigate the potential breach. The retailer also is collaborating with law enforcement.

While the investigation is ongoing, Natural Grocers has accelerated plans to upgrade POS systems in all of store locations to meet PCI compliance. The retailer also plans to implement new PIN pads that accept EMV-enabled cards.

Featured Event

Join the retail community as we come together for three days of strategic sessions, meaningful off-site networking events and interactive learning experiences.



Access The Media Kit


Access Our Editorial Calendar

If you are downloading this on behalf of a client, please provide the company name and website information below: