UNFI services disrupted by cyberattack
This story was originally published on Grocery Dive. To receive daily news and insights, subscribe to our free daily Grocery Dive newsletter.
United Natural Foods, Inc. is dealing with 'temporary disruptions' to its operations stemming from 'unauthorized activity' involving its information technology systems, the grocery retailer and wholesaler disclosed in a regulatory filing Thursday.
UNFI said in the filing that it took some of its systems offline as it investigates the breach, which it discovered Thursday, but did not provide details about which of its services or capabilities have been impacted. UNFI said in a statement released Monday morning that the disruption is continuing.
'As soon as we discovered the activity, an investigation was initiated with the help of leading forensics experts and we have notified law enforcement. We are assessing the unauthorized activity and working to restore our systems to safely bring them back online,' UNFI said in a statement.
UNFI said in the regulatory filing that it has implemented workarounds to continue providing services 'where possible,' but did not provide additional information. The company said it is working with third-party cybersecurity experts as it looks into the cause of the incident and develops a solution.
UNFI distributes groceries and nonfood products to customers at about 30,000 locations, according to its latest annual report. The company has a primary distribution arrangement with Whole Foods Market under an agreement that extends through May 2032. UNFI also runs supermarkets under banners including Cub Foods and Shoppers.
The breach follows an online attack last fall that targeted systems run in the U.S. by Dutch grocery company Ahold Delhaize. That breach forced Ahold Delhaize to take e-commerce services at its Hannaford banner down for several days in addition to disrupting online operations at other chains the company runs.
Recommended Reading
Ahold Delhaize confirms data stolen after threat group claims credit for November attack
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
14 hours ago
- Yahoo
Whole Foods warns of shortages after cyberattack at its primary distributor UNFI
Whole Foods told its employees that the ongoing outages and disruptions at its primary distributor, United Natural Foods (UNFI), may take 'several days to resolve.' The Amazon-owned retail giant told staff in an internal communication, seen by TechCrunch, that UNFI was experiencing a 'nationwide technology system outage,' which UNFI has for its part described as a cybersecurity incident. Whole Foods said in the communication to staff that the cyberattack is affecting UNFI's 'ability to select and ship products from their warehouses' and that this will 'impact our normal delivery schedules and product availability.' The missive to staff included instructions to limit communications with customers. The 'only single approved customer talking point' that Whole Foods employees can share with customers, according to the communication, is that the grocery giant is having 'temporary supply challenges.' When reached by TechCrunch, Whole Foods spokesperson Nathan Cimbala said: 'We are working to restock our shelves as quickly as possible and apologize for any inconvenience this may have caused for customers.' Whole Foods did not say how it reached its claim that the situation may resolve in a few days. For its part, UNFI said Wednesday that it was making progress in restoring its systems. 'We continue working steadily to safely restore our systems and provide the services our customers and suppliers know and expect from us,' UNFI spokesperson Grace Turiano told TechCrunch. 'As of today, we're gradually bringing our ordering and receiving capabilities back online, with the goal of further increasing our capacity over the coming days.' UNFI is one of the largest food distributors in North America, supplying grocery goods and fresh produce to more than 30,000 stores and supermarkets across the U.S. and Canada. The company disclosed the cyberattack on Monday in a filing with federal regulators, and UNFI's chief executive, Sandy Douglas, told investors this week that the company took its entire network offline on Friday after detecting the intrusion. The company also this week reported $8.1 billion in net sales in the quarter ended May 3, 2025. Since our reporting on Tuesday, TechCrunch has received several reports of empty shelves at some Whole Foods stores and other grocery stores reliant on UNFI. A Whole Foods store visited by this reporter on Tuesday displayed notices in several aisles saying that the store was experiencing an unspecified 'temporary out of stock issue' for some products. Much of the downstream real-world impact on grocery stores and their customers may not be seen until later this week. Do you know more about the cyberattack at UNFI? Are you a corporate customer affected by the disruption? You can securely contact this reporter via encrypted message at zackwhittaker.1337 on Signal. This story was first published on June 10 and has been updated with new information about UNFI's recovery from a spokesperson.
New York Post
14 hours ago
- New York Post
Whole Foods tells customers of ‘temporary supply challenges' after cyberattack leaves shelves bare
Whole Foods reportedly directed workers to downplay increasingly empty aisles after a cyberattack on its main distributor crippled deliveries and sent ripple effects through the retail food supply chain. The Amazon-owned supermarket chain posted vague notices about 'temporary supply challenges' as frustrated customers were greeted with bare shelves at several locations, according to TechCrunch. In an internal memo obtained by the outlet, Whole Foods told staffers that the cyberattack on United Natural Foods Inc. (UNFI) is its 'ability to select and ship products from their warehouses.' 'This will impact our normal delivery schedules and product availability,' the memo added. 3 Whole Foods stores across North America are facing bare shelves and frustrated customers after a cyberattack on its main distributor. Anadolu Agency via Getty Images The Rhode Island-based wholesaler, which supplies more than 30,000 stores including Whole Foods, reported a 'cybersecurity incident' last week that forced it to take critical systems offline, halting operations and delaying shipments of food and other essentials to supermarkets across the US and Canada. 'We are working to restock our shelves as quickly as possible and apologize for any inconvenience this may have caused for customers,' Whole Foods spokesperson Nathan Cimbala told The Post. UNFI confirmed in a regulatory filing that it had discovered 'unauthorized activity in our systems' late last week and had taken portions of its network offline in response. On Wednesday, the company said it had begun restoring its ordering and receiving systems in phases. 'We continue working steadily to safely restore our systems and provide the services our customers and suppliers know and expect from us,' said UNFI spokesperson Grace Turiano. Grocery chains dependent on UNFI's massive distribution network are being forced to improvise. In New York City, Morton Williams has already begun seeking alternate sources for staples such as dairy, frozen foods, and bottled beverages. 'It's bringing the company to a standstill with no orders generated and no orders coming in,' Steve Schwartz, Morton Williams' director of sales, told The Post earlier this week. Across the country, store employees and shoppers are feeling the strain. One bakery worker posted to Reddit that they had to cancel several graduation cake orders after deliveries of key ingredients failed to arrive. 3 United Natural Foods Inc. (UNFI) fell victim to a cyber attack which crippled deliveries and sent ripple effects through the retail food supply chain. Ellionn – The attack on UNFI is the latest in a string of cyber incidents targeting major consumer-facing companies. Just last month, Victoria's Secret was forced to take its website offline and delay its earnings report after a similar breach. 'What we are seeing with UNFI and, just last week, with Victoria's Secret, reflects a growing trend: threat actors are targeting critical infrastructure and high-traffic consumer platforms for maximum disruption and financial leverage,' Adrianus Warmenhoven, a cybersecurity expert at NordVPN, told TechCrunch. UNFI has not disclosed the identity of the attackers or their demands, if any. CEO Sandy Douglas told investors the breach was discovered Friday and that systems were intentionally shut down as a precaution. But employees say the road to recovery could be long. 'It's a mystery as of yet what is going to happen and how long it's going to be until things are back to normal,' wrote one Reddit user claiming to work for UNFI. 'Even when they can start to get back on track it will have to be done in phases.' 3 Whole Foods stores throughout North American have been impacted. Getty Images UNFI, which reported $8.1 billion in quarterly sales for the period ending May 3, saw its shares drop 8.5% following news of the breach — a sign of investor concern over the scale and duration of the disruption. The timing couldn't be worse. With supply chains still fragile after years of pandemic-related strain, the cyberattack has exposed vulnerabilities in the food industry's logistical backbone. For many retailers, UNFI is a critical link between manufacturers and store shelves — and there's no quick substitute. As UNFI works to get back online and Whole Foods hustles to restock, shoppers may continue to encounter gaps in inventory. The Post has sought comment from UNFI.
TechCrunch
16 hours ago
- TechCrunch
Whole Foods warns of shortages after cyberattack at its primary distributor UNFI
Whole Foods told its employees that the ongoing outages and disruptions at its primary distributor, United Natural Foods (UNFI), may take 'several days to resolve.' The Amazon-owned retail giant told staff in an internal communication, seen by TechCrunch, that UNFI was experiencing a 'nationwide technology system outage,' which UNFI has for its part described as a cybersecurity incident. Whole Foods said in the communication to staff that the cyberattack is affecting UNFI's 'ability to select and ship products from their warehouses,' and that this will 'impact our normal delivery schedules and product availability.' The missive to staff included instructions to limit communications with customers. The 'only single approved customer talking point' that Whole Foods employees can share with customers, according to the communication, is that the grocery giant is having 'temporary supply challenges.' When reached by TechCrunch, Whole Foods spokesperson Nathan Cimbala said: 'We are working to restock our shelves as quickly as possible and apologize for any inconvenience this may have caused for customers.' The company did not say how the company reached its claim that the situation may resolve in a few days. For its part, UNFI said Wednesday that it was making progress in restoring its systems. 'We continue working steadily to safely restore our systems and provide the services our customers and suppliers know and expect from us,' UNFI spokesperson Grace Turiano told TechCrunch. 'As of today, we're gradually bringing our ordering and receiving capabilities back online, with the goal of further increasing our capacity over the coming days.' UNFI is one of the largest food distributors in North America, supplying grocery goods and fresh produce to more than 30,000 stores and supermarkets across the U.S. and Canada. The company disclosed the cyberattack on Monday in a filing with federal regulators, and UNFI's chief executive, Sandy Douglas, told investors this week that the company took its entire network offline on Friday after detecting the intrusion. The company also this week reported $8.1 billion in net sales in the quarter ended May 3, 2025. Since our reporting on Tuesday, TechCrunch has received several reports of empty shelves at some Whole Foods stores and other grocery stores reliant on UNFI. A Whole Foods store visited by this reporter on Tuesday displayed notices in several aisles saying that the store was experiencing an unspecified 'temporary out of stock issue' for some products. Much of the downstream real-world impact on grocery stores and their customers may not be seen until later this week. Do you know more about the cyberattack at UNFI? Are you a corporate customer affected by the disruption? You can securely contact this reporter via encrypted message at zackwhittaker.1337 on Signal. This story was first published on June 10 and updated with new information about UNFI's recovery from a spokesperson.
