American grocery wholesale giant United Natural Foods (UNFI) reports that it has restored its core systems and brought online the electronic ordering and invoicing systems affected by a cyberattack.
UNFI, which is also a primary distributor for Amazon’s Whole Foods, said in a Thursday update that the incident has been contained and that it’s now delivering products to stores at “more normalized levels.”
In a separate 8-K filing with the U.S. Securities and Exchange Commission, the grocery distributor said it believes the incident is also “reasonably likely” to have a material impact on its net income/(loss) and adjusted EBITDA for the year’s fourth fiscal quarter of 2025.
“In the weeks following the incident, the Company experienced reduced sales volume and increased operational costs as the Company worked to drive solutions-oriented results for its customers. The Company has also incurred, and expects to continue to incur, direct expenses related to the investigation and remediation of the incident,” UNFI said.
“The Company holds cybersecurity insurance that it currently expects will be adequate for the incident, and expects that the full claim and settlement process will extend into its 2026 fiscal year.”
UNFI disclosed earlier this month that a June 5 cyberattack impacted customer orders and caused temporary disruptions to business operations after it forced it to take some systems offline. The incident was disclosed following widespread reports on social media that the company’s systems had been down, and employees were having their shifts canceled.
Since the breach was discovered, UNFI has also hired external cybersecurity experts to investigate the incident and notified relevant law enforcement authorities.
UNFI has not yet disclosed the nature of the attack or whether any ransomware group has claimed responsibility for the breach. However, it told the SEC on Thursday that it “does not anticipate sending any notifications to individual consumers” since the incident “did not involve a breach of security of personal information or protected health information.”
The Rhode Island-based company reported $31 billion in annual revenue in August 2024. With over 28,000 employees, more than 11,000 suppliers, and 53 distribution centers, it delivers fresh and frozen products to over 30,000 locations in the U.S. and Canada, including supermarket chains, e-commerce providers, and independent retailers.
UNFI is the latest food industry company to face a data breach. In March, Sam’s Club, owned by Walmart, announced it was investigating a ransomware breach linked to the Clop ransomware gang. JBS Foods, the world’s largest beef producer, also paid an $11 million ransom in 2021 after REvil ransomware shut down production at multiple sites worldwide.
More recently, the Scattered Spider threat actors and the DragonForce ransomware operation have targeted UK retailers, such as Harrods, Co-op, and Marks & Spencer, and are now shifting their focus to U.S. retailers and insurance companies.
Patching used to mean complex scripts, long hours, and endless fire drills. Not anymore.
In this new guide, Tines breaks down how modern IT orgs are leveling up with automation. Patch faster, reduce overhead, and focus on strategic work — no complex scripts required.