3 days ago
Whole Foods supplier hack leaves empty shelves, stalls forklifts
Advertisement
In a Monday email to customers, a UNFI representative said they are 'working toward the goal of returning to full operational capacity by' June 15 or sooner and apologized for any disruption to their clients' businesses, according to a copy of the message reviewed by Bloomberg News.
The cybersecurity firm CrowdStrike Holdings Inc. is helping UNFI respond to the incident, according to a person familiar with the matter who spoke on condition of anonymity because they were not authorized to discuss it.
'We believe we are managing the incident capably with a very strong team of inside and outside professionals, including specialized experts,' Douglas said Tuesday on the call. 'We will continue to keep our customers, suppliers and associates regularly updated on our progress and next steps.'
Advertisement
A UNFI forklift operator, who asked not to be named because they weren't authorized to speak on the matter, said they were sent home on Friday as a result of the hack. Managers were unable to call staff to tell them to avoid coming in because of the systems being down, the person said. Some forklift drivers were asked to return to work on Sunday and resorted to pen and paper to prepare shipments for when UNFI is able to fulfill orders again, the person said.
National Co+op Grocers, a UNFI partner, said in a message to its representatives said that the organization was making special requests to UNFI to continue to provide top-selling products in some capacity, according to a copy of the message seen by Bloomberg News.
'We recognize that this is far from optimal, but it is the best and only option we have available to resume shipments from UNFI currently and get some products flowing into your stores,' the June 8 message said.
Neither UNFI nor National Co+op Grocers responded to requests for additional comment.
At a Whole Foods in Manhattan, shelves that normally held ice cream, white bread and yogurt were empty when a Bloomberg News reporter visited on Monday. Store employees declined to comment on the matter. Whole Foods is working to restock its shelves as quickly as possible, according to a company spokesperson.
UNFI first noticed unusual network activity on June 5, then by the evening of June 6 had gathered enough information to warrant a complete shutdown of its network, Douglas said Tuesday. The incident resulted in a nationwide systems outage involving all business systems from ordering to selection and shipping, according to the National Co+op Grocers message.
Advertisement
The hack on UNFI amounts to an attack on US critical infrastructure, said Andrew Howell, vice president of government affairs at the cyber firm SentinelOne Inc. Such incidents demonstrate how the ease of buying groceries relies on tight supply chains which are vulnerable because they 'are controlled by information and operational technology,' he said.
'One of the biggest pieces of magic of the American economy, particularly in the last 20 years is our ability to have just-in-time delivery of goods right across the country, through neighborhoods and around the world,' Howell said. 'And when you see situations like this happen you realize how frail that system becomes.'
With assistance from Will Kubzansky.
