The company was forced to take systems down last week.
United Natural Foods was forced to shut down some systems following a recent cyber-attack.
According to Bleeping Computer, the Rhode Island-based company operates 53 distribution centers and delivers fresh and frozen products to over 30,000 locations, including supermarket chains, e-commerce providers, natural product superstores, independent retailers, and food service customers.
In a recent 8-K filing with the U.S. Securities and Exchange Commission and a press release on its website, the company disclosed that a cyber-attack discovered on Thursday, June 5th, forced it to take some systems offline, which impacted customer orders.
"The Company promptly activated its incident response plan and implemented containment measures, including proactively taking certain systems offline, which has temporarily impacted the Company's ability to fulfill and distribute customer orders," UNFI said. "The incident has caused, and is expected to continue to cause, temporary disruptions to the Company's business operations."
No Responsibility
UNFI did not reveal the nature of the attack or whether the attackers stole any data from the company's network. Additionally, no ransomware operations have claimed responsibility for the breach.
"We are assessing the unauthorised activity and working to restore our systems to safely bring them back online. As we work through this issue, our customers, suppliers, and associates are our highest priority," UNFI spokesperson Inès de Miranda told BleepingComputer.
Michael Freeman, head of threat intelligence at Armis, said: “The United Natural Foods cyber incident is another stark reminder that the retail industry remains a highly sought-after target by hackers, and there appears to be no end in sight.
“This is more than a wake-up call to retailers to evolve their cybersecurity playbooks. It requires a mindset shift; when we surveyed retail IT decision-makers earlier this year, 41 percent said they have encountered a rise in cyber threat activity over the past six months when compared to the prior six months."
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
