Major Grocery Chain Distributor Suffers Significant Cyberattack, Impacting Stores across U.S.
Customers at Whole Foods, perhaps the most significant grocery outlet impacted, are complaining of empty shelves.
United Natural Foods, Inc. (UNFI), a major North American grocery wholesaler and primary distributor for Whole Foods Market and other grocery retailers, recently suffered a significant cyberattack that has disrupted its operations and affected grocery supply chains across the United States.
UNFI said it “proactively” shut down some of its systems as part of its response to the cyber incident and was “actively working to assess, mitigate, and remediate” the situation with the help of cybersecurity professionals. Taking systems offline has “temporarily impacted the Company’s ability to fulfill and distribute customer orders,” the filing said.
In UNFI’s third-quarter earnings release the following day, CEO Sandy Douglas said the grocery wholesaler was “focused on diligently managing through the cyber incident we announced yesterday to rapidly and safely restore our capabilities, while helping our customers with short-term solutions wherever possible.”
The company provides products to more than 30,000 customer locations, including those for large and small grocery retailers.
Customers at Whole Foods, perhaps the most significant grocery outlet impacted, are complaining of empty shelves.
“Our frozen cooler is empty, our bread hearth is bare and customers are increasingly upset,” one barista and bakery employee at a Whole Foods located in Arkansas told CNN.
The employee, who requested anonymity because she was not authorized to speak to the media, complained there is a “complete lack of transparency” about the disruption and that “nearly every department has been heavily impacted.”
United Natural Foods, the primary food distributor to Whole Foods, disclosed the damaging cyberattack and disruption to its business on Monday, sending its stock plunging 7%. UNFI (UNFI) shares sank more than 10% on Tuesday, leaving it down about 17% since disclosing the cyberattack
It’s unclear how widespread the supply disruptions to Whole Foods are, but an update from UNFI on Tuesday suggests significant problems. The company said it’s currently shipping to customers only on a “limited basis.”
Whole Foods cyberattack: empty shelves in wake of attack
[Someone just asked me why cyber attacks still matter if all our data is already stolen. Add empty grocery store shelves to the list.] https://t.co/0QyxVntzuM
— Teri Radichel #cybersecurity #pentesting (@TeriRadichel) June 11, 2025
The attack has also disrupted pharmacy operations at some locations. For example, in Minnesota, about half of the affected pharmacies were able to remain operational, but others could not fill new or refill prescriptions. Shortages of some medications were being reported.
WCCO talked with a triage nurse in the Twin Cities. She didn’t want to share her identity, but she did want to share the headache the Cub Foods pharmacy disruption is causing her patients.
“Anytime you transfer a controlled substance to a pharmacy that a pharmacy isn’t familiar with the patient, they need to call us and get all this information on the patient. So, then they’re waiting even longer for their prescriptions. We have one patient who’s been waiting four days to get her prescription filled,” the nurse told WCCO. “And then some of the medications we’re prescribing have shortages on them. So, they were getting them reliably from Cub and now they’re being told that they’ve got to call around everywhere else to find shortages. It’s wild.”
The cybersecurity profile for the firm apparently was not robust.
It’s not clear how much UNFI has spent on cybersecurity, nor who is ultimately responsible for cybersecurity at the company.
A spokesperson for UNFI did not respond to a request for comment when contacted by TechCrunch on Tuesday.
Much of the UNFI’s external-facing systems are offline, including web systems used by suppliers and customers, as well as the company’s VPN products, according to checks by TechCrunch.
TechCrunch: Whole Foods warns of shortages after cyberattack at its primary distributor UNFI #cyberattack #cyber #cybersecurity #outage #food https://t.co/Y9kZsWrfXA
— Dan Lohrmann (@govcso) June 11, 2025
DONATE
Donations tax deductible
to the full extent allowed by law.
Comments
If we keep letting illegals into this country all of our grocery stores will look like this.
And then, after the illegals get every benefit known to man and drain the country dry, they will grab their Mexican flags and riot in the streets, “Trump has made himself king, Trump has made himself king,”
Long live the King…
ho dat?
I am failing to see the connection.
Coming to a store near you
It’s wholly unclear to me how a cyber attack at a large grocery distributor can affect pharmaceuticals (which are absolutely NOT sourced through this distributor) at at the store level.
These stores aren’t owned by the distributor and would have no reason to share operational systems.
Any enlightenment, or should I assume the writer just conflated two unrelated problems?
More than one distributer has been targeted. These perps must be located and terminated.
I’m sure that Blondie is getting right on it
I’m sure you’re ignorant.
Modern Just In Time inventory systems have little slack if the re-order system goes down – for whatever reason. Cyber attack, labor strike, whatever the disruption cause many business’s can’t cope with more than a very short failure – wether you’re taking groceries, pharmacies,, or a fast food store.
Well ain’t all the digitization just grand? Today it is grocery distribution and pharmacy distribution getting hacked tomorrow the CBDC (Central Bank Digital.Currency) some want to impose across the Nation to replace physical Cash. I’m totes sure the digital currency won’t be used to track consumer purchases or location data and it will absolutely always work even when the grid or network or uplink goes down due to hurricane or tornado, wildfires,.floods or any number of catastrophic events./S
Bingo. Why else do you think TPTB are pushing the digital crap so heavily?
What I don’t understand is why internet connections from Russia, China, NK, Venezuela, Cuba, Iran, and other nasty players aren’t severed from the US. If other nation states allow traffic from those countries through, sever them too.
Frankly if I ran the CIA I’d put together a hit team and upon discover of foreign hackers dispatch them to dispatch the hackers. If I couldn’t terminate the hackers I’d terminate their families.
I agree completely, riots and hacking go hand in hand to disrupt America. Take the gloves off.
“If I couldn’t terminate the hackers I’d terminate their families.”
Spoken as a true barbarian.
Fuck off.
That’s because you don’t understand networking.
Even back in the ’60s when the US “made it impossible” to direct-dial Russia and Cuba, we… direct-dialed Russia and Cuba. Intermediate stops were involved, but no operator intervention.
Sever the lines including phone lines, Block the satellites. No lines, No connections,
Then you won’t be able to talk to your friends either.
i can live with that. I was thinking the NSA probably knows who and where the hackers are but prefer to watch and take notes,
Hardcore
Where is Soros?
Oh No. You mean I can’t hook my EV up to the free chargers and by $500 worth of guilt free groceries? How will I ever survive?
In 25 years of publicized “commercial” hacking exploits, I can think of only ONE that was executed by a conservative group — Stuxnet. These kinds of hacks are pretty much exclusively executed by leftists and apoliticals (“it’s just business”). They took out the leftists’ flagship grocery chain. It’s strictly popcorn territory, while we all take out puts on Trader Joe’s.
Interesting that it targeted the organic grocery chain … eating their own again.
owned by amazon owned by bezos.
Some. Many are nation state actions.
Aside from infiltrating middleware, the insider threats are one of the biggest causes. Idiots opening mail attachments they shouldn’t. Yes- that’s still a thing… and a big thing.
You’d think the older scams and especially phishing and social engineering breeches would have been played out but we keep seeing someone getting roped into the Nigerian Prince scam after decades of use. Heck the tale of the tinder swindler shows how gullible some folks still are if you can find the right buttons to push, emotions to play on, ‘opportunities’ to grab or whatever. The TV show American Greed nearly got me divorced b/c my wife didn’t understand why I was laughing… I laughed b/c the ‘victim’ was nearly always motivated by their own greed and the fear of ‘missing out’ which overcame their basic common sense and judgement.
“the ‘victim’ was nearly always motivated by their own greed”
You can’t cheat an honest man …
This isn’t the first time a cyber attack took down a grocery chain. Stop and Shop (like Giant, but for the northeast) was taken down a couple of times, most recently late last year. It took them several weeks to recover. See https://www.ctinsider.com/business/article/stop-and-shop-cybersecurity-problem-19906743.php
I think we are seeing dress rehearsals for operations to disrupt the homeland during combat operations elsewhere, like maybe the Indo-Pacific region.
Former President Obongo issued a statement decrying the price of arugala at Whole Foods.