Whole Foods supplier making progress on restoration after cyberattack left shelves empty

Avatar

United Natural Foods (UNFI) said it is now able to receive orders and deliver products to grocery stores across North America after a cyberattack limited its ability to operate last week. 

Shoppers at Whole Foods and several other grocery stores across the U.S. found empty shelves for much of last week after the incident was discovered on June 5

In a statement on Sunday evening, UNFI said over the past few days it has “made significant progress toward safely restoring [its] electronic ordering systems, which will allow us to serve the customers that order through these systems in a more automated way and continue to increase our operational capacity.”

“We are also using alternative processes to ensure our customers receive the products they need while we continue making progress to restore our technology capabilities,” the company said.

UNFI is the main supplier for Whole Foods and is considered the largest health and specialty food distributor in the United States and Canada. It serves over 30,000 customer locations and offers about 250,000 products managed through 55 distribution centers and warehouses.

The company reported more than $8 billion in net sales last quarter but during an earnings call on June 10, CEO Sandy Douglas said they “are focused on diligently managing through the cyber incident” and intended to “rapidly and safely restore our capabilities, while helping our customers with short-term solutions wherever possible.”

Before the weekend, UNFI said the “vast majority” of its distribution centers were now shipping and receiving products, but the company noted that it planned to gradually increase its operational capacity over the next few days, “including the ability to accept electronic orders.”

While the company recovered from the attack, officials said they were using manual workarounds to help customers. 

Local news outlets reported that grocery stores were working with UNFI using “old school” methods that involve paper and pen tracking of deliveries and more. Several stores noted that they have been provided with no timeline on when UNFI systems will be restored, so shoppers should expect some items to be out of stock. 

Investigations into the incident are continuing but law enforcement was initially notified after the attack was discovered. 

IndustryCybercrimeNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Police dismantle Archetyp dark web drug market, arrest administrator

Next Post

Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment

Related Posts

Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States

Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan
Avatar
Read More

Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication

Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions. The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0. "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user," the
Avatar
Read More