Grocery wholesale giant United Natural Foods hit by cyberattack

United Natural Foods (UNFI), North America's largest publicly traded wholesale distributor, was forced to shut down some systems following a recent cyberattack.

The Rhode Island-based company operates 53 distribution centers and delivers fresh and frozen products to over 30,000 locations across the United States and Canada, including supermarket chains, e-commerce providers, natural product superstores, independent retailers, and food service customers.

UNFI reported $31 billion in annual revenues in August 2024, works with more than 11,000 suppliers, and has over 28,000 workers.

In an 8-K filing with the U.S. Securities and Exchange Commission and a press release on its website, the company disclosed that a cyberattack discovered on Thursday, June 5th, forced it to take some systems offline, which impacted customer orders.

"The Company promptly activated its incident response plan and implemented containment measures, including proactively taking certain systems offline, which has temporarily impacted the Company's ability to fulfill and distribute customer orders," UNFI said.

"The incident has caused, and is expected to continue to cause, temporary disruptions to the Company's business operations."

Since the breach was discovered, the wholesaler giant has notified relevant law enforcement authorities and hired external cybersecurity experts to investigate the incident.

UNFI has also taken measures to maintain customer service continuity, implementing workarounds until affected systems are restored.

"The Company is working actively to assess, mitigate, and remediate the incident with the assistance of third-party cybersecurity professionals and has notified law enforcement," it added.

"Pursuant to its business continuity plans, the Company has implemented workarounds for certain operations in order to continue servicing its customers where possible. The Company is continuing to work to restore its systems to safely bring them back online."

A UNFI spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.

In March, ​Walmart-owned warehouse supermarket chain Sam's Club also disclosed it was investigating claims of a Clop ransomware breach.