United Natural Foods, Inc. (NYSE: UNFI), the main distributor for Amazon’s Whole Foods, has been targeted in a cyberattack that has caused some disruptions to business operations.
United Natural Foods advertises itself as the largest full-service grocery partner in North America, delivering products to over 30,000 locations, including natural product superstores, conventional supermarket chains, e-commerce providers, and independent retailers. With more than $30 billion in annual revenue, the company offers more than 250,000 natural, organic and conventional SKUs through its more than 50 distribution centers.
The company revealed in a filing with the SEC on Monday that it had detected unauthorized activity on some IT systems on June 5. In response to the intrusion, certain systems were taken offline, which has temporarily impacted its ability to fulfill and distribute customer orders.
“The incident has caused, and is expected to continue to cause, temporary disruptions to the Company’s business operations,” United Natural Foods said.
The food distributor is conducting an investigation to determine the impact and scope of the cybersecurity incident. It’s also working on restoring affected systems.
While the company may have been targeted in a ransomware attack, no known group appears to have taken credit for the attack on United Natural Foods at the time of writing.
“When threat actors target the backbone of food distribution in North America, they’re not just freezing systems; they’re freezing supply chains,” said Steve Cobb, CISO at SecurityScorecard. “For companies delivering fresh and frozen goods, even a short disruption can lead to spoilage, shipment delays, and major logistical headaches.”
SecurityWeek has reached out to United Natural Foods for clarifications on whether this was indeed a ransomware attack and will update this article if the company responds.
Shares of UNFI closed down 6.98% in trading on Monday and is falling again in pre-market trading on Tuesday as the company discussed the incident during an earnings call.
“In the near term, we are focused on diligently managing through the cyber incident we announced yesterday to rapidly and safely restore our capabilities, while helping our customers with short-term solutions wherever possible,” the company said in its earnings release on June 10.
News of the attack comes just weeks after a ransomware group targeted several major UK retailers, stealing sensitive data in the process.
Shortly after those attacks came to light, Google warned that threat actors had also set their sights on retailers in the United States.
Related: Cartier Data Breach: Luxury Retailer Warns Customers That Personal Data Was Exposed
Related: Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach
Related: MainStreet Bank Data Breach Impacts Customer Payment Cards
