Whole Foods has been facing increasing challenges due to cyberattacks on key distributors, affecting the retail food supply chain significantly.
According to reports, customers in several stores found shelves disturbingly bare, prompting the grocery chain, owned by Amazon, to issue vague messages about “temporary supply challenges.”
Internal notes indicate that Whole Foods informed staff about issues arising from cyberattacks on United Natural Foods Inc. (UNFI), affecting their ability to select and distribute products.
“Normal delivery schedules and product availability will be impacted,” the communication noted.
UNFI, based in Rhode Island, serves over 30,000 stores, including Whole Foods. Recently, they reported a “cybersecurity incident” that disrupted critical systems, shutting down operations and delaying food shipments across the US and Canada.
“We’re working to restock our shelves as quickly as we can and sincerely apologize for any inconvenience our customers are facing,” said a spokesperson from Whole Foods.
In its regulatory submissions, UNFI acknowledged “fraudulent activity” detected in its system, leading to parts of its network being taken offline.
On Wednesday, the company mentioned it was gradually starting to restore its ordering and receiving systems.
“We are committed to steadily restoring our systems and providing the services our customers and suppliers expect,” stated a UNFI spokesperson.
Grocery chains dependent on UNFI’s extensive distribution network have had to adapt. In New York City, for instance, Morton Williams is exploring alternative sources for essentials like dairy, frozen foods, and bottled beverages.
Employees and customers nationwide are feeling anxious about these developments. For example, a bakery worker shared on Reddit that they had to cancel several graduation cake orders because the necessary ingredients didn’t arrive as planned.
This attack on UNFI is part of a troubling trend, with cyber incidents becoming more common among major consumer companies. Just last month, Victoria’s Secret had to take its website down and postpone revenue reporting due to a similar breach.
“These incidents, like what we’re seeing with UNFI and Victoria’s Secret, highlight a growing trend where attackers are targeting vital infrastructure and popular consumer platforms for maximum disruption,” noted a cybersecurity expert.
While UNFI has not revealed who was behind the attack or if any demands were made, CEO Sandy Douglas indicated that the breach was discovered on a Friday, leading to a precautionary shutdown of systems. Employees, however, express concerns about a potentially lengthy recovery process.
According to one Reddit user claiming to work at UNFI, “It’s still unclear how long it will take to return to normal. Even when they start recovering, it’ll have to be done gradually.”
UNFI recently reported $8.1 billion in quarterly sales, but its stock dropped by 8.5% following news of the cyber incident, reflecting investor worries about the scale and duration of the disruption.
The timing couldn’t be more challenging. With supply chains still vulnerable from the pandemic, this incident underscores weaknesses in the logistics framework of the food industry.
For many retailers, UNFI represents a crucial link between manufacturers and store shelves, and alternatives aren’t readily available.
Shoppers may continue to experience stock issues as UNFI gradually comes back online and Whole Foods strives to replenish its inventory.
