Supermarket distributor Peter Green Chilled was hit by ransomware which could potentially see tons of food wasted.

In an email sent on Thursday, seen by the BBC, the company said it had been the victim of a ransomware attack. The email said no orders would be processed on Thursday, although any order prepared on Wednesday would be sent.

Peter Green Chilled confirmed to the BBC the cyber attack happened on Wednesday evening but it said it was not in a position to discuss further.

It told BBC's Wake Up to Money clients were "receiving regular updates" including "workarounds" on how to continue deliveries while one of its customers said thousands of their products could go to waste.

Raghu Nandakumara, head of industry solutions at Illumio, said: “This latest attack on Peter Green Chilled highlights a troubling trend: the UK retail sector is under siege from increasingly aggressive cyber-criminals. It’s not just retailers who suffer; these attacks directly impact the public. When systems go down, people can’t shop for essentials or access services they rely on. The societal impact of attacks is significant.”

Javvad Malik, lead security awareness advocate at KnowBe4, said the attack highlights the vulnerability of our food supply chain to cyber threats. “With the time-sensitive nature of food logistics, this makes such firms particularly attractive targets for cyber-criminals,” he said. “The consequences of downtime extend beyond financial losses, potentially leading to food waste, and supply shortages. The urgency that this creates increases the likelihood of ransom payments, as companies may feel pressured to swiftly resume operations.

“This attack serves as a potent reminder that cybersecurity in logistics isn't just about protecting data - it's about maintaining the continuity of essential services. Smaller firms like Peter Green Chilled, while often overlooked, play a crucial role in our national infrastructure."

Clearest Example

Jamie Akhtar, CEO and Co-founder at CyberSmart, called this “one of the clearest examples you could wish for of cyber-criminals targeting smaller organisations in complex supply chains.”

As Peter Green Chilled mostly supply smaller retailers and stores in the Somerset area, Akhtar said this tactic has become increasingly prevalent over the past few years, as hackers have realised that they don’t need to target large, well-protected businesses to cause disruption.

“Instead, in every supply chain, there is likely to be at least one small business that provides something vital but has relatively weak cyber defences. So, all cyber-criminals need to do is target them, whether to gain access to the larger business’s systems via the backdoor, or to create disruption in its supply chain.”

He said that the recent attacks on chains like M&S and the Co-op were both directly targeted, but it’s becoming ever more common for cyber-criminals to launch attacks in this way, putting small businesses at huge risk.

“Fortunately, few of these attacks are highly sophisticated, meaning that they can usually be avoided by putting the basics of cybersecurity in place,” he said.

Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.