logo
Home/News/News article/

Grocery wholesale giant United Natural Foods hit by cyberattack

UNFI

United Natural Foods (UNFI), North America's largest publicly traded wholesale distributor, was forced to shut down some systems following a recent cyberattack.

The Rhode Island-based company operates 53 distribution centers and delivers fresh and frozen products to over 30,000 locations across the United States and Canada, including supermarket chains, e-commerce providers, natural product superstores, independent retailers, and food service customers.

UNFI, a primary distributor for Amazon's Whole Foods, reported $31 billion in annual revenues in August 2024, works with more than 11,000 suppliers, and has over 28,000 employees.

In an 8-K filing with the U.S. Securities and Exchange Commission and a press release on its website, the company disclosed that a cyberattack discovered on Thursday, June 5th, forced it to take some systems offline, which impacted customer orders.

"The Company promptly activated its incident response plan and implemented containment measures, including proactively taking certain systems offline, which has temporarily impacted the Company's ability to fulfill and distribute customer orders," UNFI said. "The incident has caused, and is expected to continue to cause, temporary disruptions to the Company's business operations."

Since the breach was discovered, the wholesaler giant has notified relevant law enforcement authorities and hired external cybersecurity experts to investigate the incident.

UNFI has also taken measures to maintain customer service continuity, implementing workarounds until affected systems are restored.

"The Company is working actively to assess, mitigate, and remediate the incident with the assistance of third-party cybersecurity professionals and has notified law enforcement," it added. "Pursuant to its business continuity plans, the Company has implemented workarounds for certain operations in order to continue servicing its customers where possible. The Company is continuing to work to restore its systems to safely bring them back online."

This disclosure follows widespread reports on social media since Thursday that the company's systems were down and employees were having their shifts canceled. 

UNFI has not yet revealed the nature of the attack or whether the attackers stole any data from the company's network. Additionally, no ransomware operations have claimed responsibility for the breach. As announced on May 20, the company will release its financial results for the fiscal 2025 third quarter this Tuesday.

"We are assessing the unauthorized activity and working to restore our systems to safely bring them back online. As we work through this issue, our customers, suppliers, and associates are our highest priority," UNFI spokesperson Inès de Miranda told BleepingComputer.

UNFI is just the latest company in the food industry to have been breached in recent years. For instance, in March, ​Walmart-owned warehouse supermarket chain Sam's Club disclosed it was investigating claims of a Clop ransomware breach. Food giant JBS Foods, the world's largest beef producer, also paid an $11 million ransom in 2021 after a REvil ransomware attack forced it to shut down production at multiple sites worldwide.

Over the last months, attacks linked to Scattered Spider threat actors and the DragonForce ransomware operation have also targeted retailers across the United Kingdom (including Harrods, Co-op, and Marks & Spencer) and recently switched their attention to U.S. companies.

Free online web security scanner

Top News: