United Natural Foods, one of the largest food wholesalers in the United States and a supplier to Whole Foods, took its systems offline in recent days after discovering unauthorized activity on its internal networks. The company reported the cyber incident on Monday.
A spokesperson for Whole Foods told Reuters news agency by email that the company is working to restock stores as quickly as possible. The spokesperson referred further questions to United Natural.
United Natural, based in Rhode Island, reported in a statement to the US Securities and Exchange Commission (SEC) on June 9 that it became aware of unauthorized activity on certain networks on June 5. As a precaution, the company shut down several systems.
The incident temporarily affected the ability to fulfill and distribute customer orders. There were also temporary disruptions in business operations.
Retail chains regularly targeted by cyber incidents
Several large retail chains in the United Kingdom and the United States have recently been hit by cyber incidents, including Marks & Spencer, Co-op, Harrods, and Victoria’s Secret.
United Natural did not provide any further details about the nature of the unauthorized activity. Similar disruptions at other companies have often resulted from ransomware attacks, in which criminals encrypt systems and then demand a ransom.
According to its website, United Natural Foods is the largest publicly traded wholesaler of healthier food options in the US and Canada. In May 2024, the company announced an eight-year extension of its partnership as the main supplier for Whole Foods, which Amazon acquired.
United Natural Foods reported revenue of $8.2 billion for the 13-week period ending February 1, 2025. United Natural’s stock fell more than 8% on Monday and ultimately closed nearly 7% lower at $25.94.
Tip: What the Marks & Spencer cyberattack can teach retailers