United Natural Foods (UNFI), North America’s largest publicly traded wholesale distributor, was forced to shut down some systems following a recent cyberattack. The Rhode Island-based company operates 53 distribution centers and delivers fresh and frozen products to over 30,000 locations across the United States and Canada:
On June 5, 2025, United Natural Foods, Inc. (the “Company”) became aware of unauthorized activity on certain of its Information Technology (IT) systems. The Company promptly activated its incident response plan and implemented containment measures, including proactively taking certain systems offline, which has temporarily impacted the Company’s ability to fulfill and distribute customer orders. The incident has caused, and is expected to continue to cause, temporary disruptions to the Company’s business operations. The Company is working actively to assess, mitigate, and remediate the incident with the assistance of third-party cybersecurity professionals and has notified law enforcement. Pursuant to its business continuity plans, the Company has implemented workarounds for certain operations in order to continue servicing its customers where possible. The Company is continuing to work to restore its systems to safely bring them back online.
The investigation to assess the impact and scope of the incident remains ongoing and is in its early stages.
Erich Kron, Security Awareness Advocate at KnowBe4:
“Operations such as this often work on a very tight timeline, so the pressure can be high to get systems up and running as soon as possible. This is what attackers hope for as they dangle the idea in front of the victims that paying the ransom will get organizations back online quickly. While decrypting the data could possibly restore operations more quickly, there is a huge danger that back doors are left in place to be exploited again, or that after payment, encrypted files turn out to be corrupted and unrecoverable.”
“Not only do attacks such as these really put the pressure on the victim, but the organizations that rely on the products are also put in a spot as well. If the wholesaler can’t get items to the retailer, the retailer suffers greatly as well and might look for other options to make future purchases, costing the wholesaler customers and their reputation.”
“Since the vast majority of ransomware attacks are started by exploiting employees, organizations should have a robust human risk management program in place to address threats such as social engineering, poor credential hygiene, and other human-centric threats.”
Paul Bischoff, Consumer Privacy Advocate at Comparitech:
“Although UNFI hasn’t stated as much, this attack has all the hallmarks of ransomware. Ransomware attacks can lock down computer systems, forcing companies to pay a ransom or face extended downtime and permanent data loss. These attacks can cripple companies and even force them to shut down permanently in some cases, so they should not be taken lightly. This attack could have knock-on effects including higher food prices for consumers.”
Chris Hauk, Consumer Privacy Champion at Pixel Privacy:
“Cyberattacks like the one UNFI has been hit with can cause delays in deliveries, product shortages, and even store closings and temporary layoffs, due to organizations’ reliance on computer systems. While we don’t know exactly what type of attack has been launched against UNFI or how it was launched, it does emphasize how companies need to ensure that their internal systems, as well as those of their suppliers and partners, are kept up to date to plug security holes.”
I for one would would like to see more details disclosed. As in what happened, what the downstream effects are, and what UNFI will do to ensure that it doesn’t happen again. Because that will enable it’s business partners and the public to trust them going forward.
Like this:
Like Loading...
Related
This entry was posted on June 9, 2025 at 11:53 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Grocery wholesale giant United Natural Foods hit by cyberattack
United Natural Foods (UNFI), North America’s largest publicly traded wholesale distributor, was forced to shut down some systems following a recent cyberattack. The Rhode Island-based company operates 53 distribution centers and delivers fresh and frozen products to over 30,000 locations across the United States and Canada:
On June 5, 2025, United Natural Foods, Inc. (the “Company”) became aware of unauthorized activity on certain of its Information Technology (IT) systems. The Company promptly activated its incident response plan and implemented containment measures, including proactively taking certain systems offline, which has temporarily impacted the Company’s ability to fulfill and distribute customer orders. The incident has caused, and is expected to continue to cause, temporary disruptions to the Company’s business operations. The Company is working actively to assess, mitigate, and remediate the incident with the assistance of third-party cybersecurity professionals and has notified law enforcement. Pursuant to its business continuity plans, the Company has implemented workarounds for certain operations in order to continue servicing its customers where possible. The Company is continuing to work to restore its systems to safely bring them back online.
The investigation to assess the impact and scope of the incident remains ongoing and is in its early stages.
Erich Kron, Security Awareness Advocate at KnowBe4:
“Operations such as this often work on a very tight timeline, so the pressure can be high to get systems up and running as soon as possible. This is what attackers hope for as they dangle the idea in front of the victims that paying the ransom will get organizations back online quickly. While decrypting the data could possibly restore operations more quickly, there is a huge danger that back doors are left in place to be exploited again, or that after payment, encrypted files turn out to be corrupted and unrecoverable.”
“Not only do attacks such as these really put the pressure on the victim, but the organizations that rely on the products are also put in a spot as well. If the wholesaler can’t get items to the retailer, the retailer suffers greatly as well and might look for other options to make future purchases, costing the wholesaler customers and their reputation.”
“Since the vast majority of ransomware attacks are started by exploiting employees, organizations should have a robust human risk management program in place to address threats such as social engineering, poor credential hygiene, and other human-centric threats.”
Paul Bischoff, Consumer Privacy Advocate at Comparitech:
“Although UNFI hasn’t stated as much, this attack has all the hallmarks of ransomware. Ransomware attacks can lock down computer systems, forcing companies to pay a ransom or face extended downtime and permanent data loss. These attacks can cripple companies and even force them to shut down permanently in some cases, so they should not be taken lightly. This attack could have knock-on effects including higher food prices for consumers.”
Chris Hauk, Consumer Privacy Champion at Pixel Privacy:
“Cyberattacks like the one UNFI has been hit with can cause delays in deliveries, product shortages, and even store closings and temporary layoffs, due to organizations’ reliance on computer systems. While we don’t know exactly what type of attack has been launched against UNFI or how it was launched, it does emphasize how companies need to ensure that their internal systems, as well as those of their suppliers and partners, are kept up to date to plug security holes.”
I for one would would like to see more details disclosed. As in what happened, what the downstream effects are, and what UNFI will do to ensure that it doesn’t happen again. Because that will enable it’s business partners and the public to trust them going forward.
Share this:
Like this:
Related
This entry was posted on June 9, 2025 at 11:53 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.