America’s largest natural food distributor UNFI suffers a crippling cyberattack, leaving Whole Foods and thousands of other grocery retailers scrambling for supplies as shelves begin to empty across the nation.
Key Takeaways
- United Natural Foods Inc. (UNFI), Whole Foods’ primary supplier, has halted deliveries following a significant cyberattack on their systems
- The attack has brought UNFI’s operations to a “standstill,” with no orders being generated or fulfilled, causing immediate supply chain disruptions
- UNFI’s stock plummeted 8.5% as the company scrambles to restore systems with the help of cybersecurity experts
- Local grocery stores, bakeries, and other retailers are urgently seeking alternative suppliers as essential products run out
- The attack represents a growing trend of cybercriminals targeting critical infrastructure and consumer platforms for maximum disruption
Critical Infrastructure Under Attack
The cyberattack on United Natural Foods Inc. (UNFI) has paralyzed operations at America’s largest natural and organic food distributor, forcing the company to shut down deliveries to approximately 30,000 locations nationwide, including all Whole Foods Market stores. UNFI detected unauthorized activity in its computer systems last week and immediately implemented containment measures, including taking various systems offline to investigate the breach. This aggressive but necessary response has effectively crippled the company’s ability to process orders, access inventory systems, and coordinate deliveries across its vast distribution network.
“It’s bringing the company to a standstill with no orders generated and no orders coming in,” said Steve Schwartz, according to the New York Post.
The timing couldn’t be worse for UNFI, which was scheduled to release its third-quarter financial results on June 10. Instead, the company now faces plummeting stock values, with shares dropping 8.5% following the announcement of the cyberattack. The full extent of the financial damage remains unknown, but with each passing day of disrupted operations, the costs continue to mount for this critical component of America’s food supply chain infrastructure.
Grocery Stores Scramble for Alternatives
The impact of UNFI’s distribution shutdown is already being felt across thousands of grocery stores, with Whole Foods Market experiencing the most significant disruption due to its exclusive supply agreement with UNFI that runs until May 2032. While Whole Foods has publicly acknowledged the situation, their response has been limited to damage control rather than offering concrete solutions. Store managers and employees are reportedly working overtime to manage inventory and find alternative sources for essential products as shelves begin to empty in certain departments.
🚨 United Natural Foods, Inc. (@UNFI) is currently experiencing a #cyberattack, potentially a #ransomware incident. UNFI is a major wholesale food distributor in the #USA 🇺🇸 and #Canada 🇨🇦.
The incident is having a direct impact on its clients, including supermarkets and end… pic.twitter.com/UsT53Klsj4
— VenariX (@_venarix_) June 9, 2025
“A Whole Foods spokesperson told The Independent that they are ‘working to restock our shelves as quickly as possible and apologize for any inconvenience this may have caused for customers,'” as reported by The Independent.
Other retailers that rely on UNFI are facing even more desperate circumstances. The Morton Williams grocery chain has been forced to seek alternative suppliers on short notice, while numerous smaller businesses like local bakeries are already running out of essential ingredients. Without the established infrastructure to quickly pivot to new suppliers, many of these smaller operations face the prospect of temporary closures if UNFI cannot restore normal operations within days rather than weeks.
Growing Cybersecurity Threat to Critical Infrastructure
This attack on UNFI represents a disturbing escalation in cyber threats targeting America’s essential supply chains and infrastructure. Cybersecurity experts note that this incident follows a similar pattern to last fall’s attack on Dutch grocery company Ahold Delhaize, suggesting organized and sophisticated threat actors are specifically targeting food distribution networks. The timing and execution of these attacks demonstrate a strategic approach to maximizing disruption of essential services that American citizens depend on daily.
“What we are seeing with UNFI and, just last week, with Victoria’s Secret, reflects a growing trend: threat actors are targeting critical infrastructure and high-traffic consumer platforms for maximum disruption and financial leverage,” said Adrianus Warmenhoven, according to the New York Post.
UNFI has stated they are “assessing the unauthorized activity and working to restore our systems to safely bring them back online,” and that they are collaborating with third-party cybersecurity experts to determine the cause and develop solutions. The company has also notified law enforcement, though no information has been released regarding potential perpetrators or whether ransom demands have been made. This incident highlights the increasing vulnerability of America’s critical infrastructure to digital attacks and raises serious questions about the adequacy of current cybersecurity measures protecting our essential supply chains.
