Whole Foods reportedly directed staff to downplay increasingly empty aisles after a cyberattack on its essential distributor crippled deliveries and sent ripple effects through the retail food supply chain.
The Amazon-owned supermarket chain posted vague notices about “temporary supply challenges” as frustrated customers were greeted with bare shelves at several locations, in keeping with TechCrunch.
In an internal memo obtained by the outlet, Whole Foods told staffers that the cyberattack on United Natural Foods Inc. (UNFI) is its “ability to pick and ship products from their warehouses.”
“It will impact our normal delivery schedules and product availability,” the memo added.
The Rhode Island-based wholesaler, which supplies greater than 30,000 stores including Whole Foods, reported a “cybersecurity incident” last week that forced it to take critical systems offline, halting operations and delaying shipments of food and other essentials to supermarkets across the US and Canada.
“We’re working to restock our shelves as quickly as possible and apologize for any inconvenience this may occasionally have caused for purchasers,” Whole Foods spokesperson Nathan Cimbala told The Post.
UNFI confirmed in a regulatory filing that it had discovered “unauthorized activity in our systems” late last week and had taken portions of its network offline in response.
On Wednesday, the corporate said it had begun restoring its ordering and receiving systems in phases.
“We proceed working steadily to securely restore our systems and supply the services our customers and suppliers know and expect from us,” a UNFI spokesperson told The Post.
“As of today, we’re step by step bringing our ordering and receiving capabilities back online, with the goal of further increasing our capability over the approaching days. The investigation is ongoing with the support of leading forensics experts. Our customers, suppliers, and associates are our highest priority. We proceed to work closely with them to reduce disruptions as much as possible.”
Grocery chains depending on UNFI’s massive distribution network are being forced to improvise. In Latest York City, Morton Williams has already begun looking for alternate sources for staples equivalent to dairy, frozen foods, and bottled beverages.
“It’s bringing the corporate to a standstill with no orders generated and no orders coming in,” Steve Schwartz, Morton Williams’ director of sales, told The Post earlier this week.
Across the country, store employees and shoppers are feeling the strain.
One bakery employee posted to Reddit that that they had to cancel several graduation cake orders after deliveries of key ingredients didn’t arrive.
The attack on UNFI is the newest in a string of cyber incidents targeting major consumer-facing corporations. Just last month, Victoria’s Secret was forced to take its website offline and delay its earnings report after the same breach.
“What we’re seeing with UNFI and, just last week, with Victoria’s Secret, reflects a growing trend: threat actors are targeting critical infrastructure and high-traffic consumer platforms for max disruption and financial leverage,” Adrianus Warmenhoven, a cybersecurity expert at NordVPN, told TechCrunch.
UNFI has not disclosed the identity of the attackers or their demands, if any. CEO Sandy Douglas told investors the breach was discovered Friday and that systems were intentionally shut down as a precaution. But employees say the road to recovery may very well be long.
“It’s a mystery as of yet what’s going to occur and the way long it’s going to be until things are back to normal,” wrote one Reddit user claiming to work for UNFI. “Even after they can begin to get back on course it should must be done in phases.”
UNFI, which reported $8.1 billion in quarterly sales for the period ending May 3, saw its shares drop 8.5% following news of the breach — an indication of investor concern over the size and duration of the disruption.
The timing couldn’t be worse. With supply chains still fragile after years of pandemic-related strain, the cyberattack has exposed vulnerabilities within the food industry’s logistical backbone.
For a lot of retailers, UNFI is a critical link between manufacturers and store shelves — and there’s no quick substitute.
As UNFI works to get back online and Whole Foods hustles to restock, shoppers may proceed to come across gaps in inventory.
The Post has sought comment from UNFI.
Whole Foods reportedly directed staff to downplay increasingly empty aisles after a cyberattack on its essential distributor crippled deliveries and sent ripple effects through the retail food supply chain.
The Amazon-owned supermarket chain posted vague notices about “temporary supply challenges” as frustrated customers were greeted with bare shelves at several locations, in keeping with TechCrunch.
In an internal memo obtained by the outlet, Whole Foods told staffers that the cyberattack on United Natural Foods Inc. (UNFI) is its “ability to pick and ship products from their warehouses.”
“It will impact our normal delivery schedules and product availability,” the memo added.
The Rhode Island-based wholesaler, which supplies greater than 30,000 stores including Whole Foods, reported a “cybersecurity incident” last week that forced it to take critical systems offline, halting operations and delaying shipments of food and other essentials to supermarkets across the US and Canada.
“We’re working to restock our shelves as quickly as possible and apologize for any inconvenience this may occasionally have caused for purchasers,” Whole Foods spokesperson Nathan Cimbala told The Post.
UNFI confirmed in a regulatory filing that it had discovered “unauthorized activity in our systems” late last week and had taken portions of its network offline in response.
On Wednesday, the corporate said it had begun restoring its ordering and receiving systems in phases.
“We proceed working steadily to securely restore our systems and supply the services our customers and suppliers know and expect from us,” a UNFI spokesperson told The Post.
“As of today, we’re step by step bringing our ordering and receiving capabilities back online, with the goal of further increasing our capability over the approaching days. The investigation is ongoing with the support of leading forensics experts. Our customers, suppliers, and associates are our highest priority. We proceed to work closely with them to reduce disruptions as much as possible.”
Grocery chains depending on UNFI’s massive distribution network are being forced to improvise. In Latest York City, Morton Williams has already begun looking for alternate sources for staples equivalent to dairy, frozen foods, and bottled beverages.
“It’s bringing the corporate to a standstill with no orders generated and no orders coming in,” Steve Schwartz, Morton Williams’ director of sales, told The Post earlier this week.
Across the country, store employees and shoppers are feeling the strain.
One bakery employee posted to Reddit that that they had to cancel several graduation cake orders after deliveries of key ingredients didn’t arrive.
The attack on UNFI is the newest in a string of cyber incidents targeting major consumer-facing corporations. Just last month, Victoria’s Secret was forced to take its website offline and delay its earnings report after the same breach.
“What we’re seeing with UNFI and, just last week, with Victoria’s Secret, reflects a growing trend: threat actors are targeting critical infrastructure and high-traffic consumer platforms for max disruption and financial leverage,” Adrianus Warmenhoven, a cybersecurity expert at NordVPN, told TechCrunch.
UNFI has not disclosed the identity of the attackers or their demands, if any. CEO Sandy Douglas told investors the breach was discovered Friday and that systems were intentionally shut down as a precaution. But employees say the road to recovery may very well be long.
“It’s a mystery as of yet what’s going to occur and the way long it’s going to be until things are back to normal,” wrote one Reddit user claiming to work for UNFI. “Even after they can begin to get back on course it should must be done in phases.”
UNFI, which reported $8.1 billion in quarterly sales for the period ending May 3, saw its shares drop 8.5% following news of the breach — an indication of investor concern over the size and duration of the disruption.
The timing couldn’t be worse. With supply chains still fragile after years of pandemic-related strain, the cyberattack has exposed vulnerabilities within the food industry’s logistical backbone.
For a lot of retailers, UNFI is a critical link between manufacturers and store shelves — and there’s no quick substitute.
As UNFI works to get back online and Whole Foods hustles to restock, shoppers may proceed to come across gaps in inventory.
The Post has sought comment from UNFI.
