United Natural Foods Inc. (UNFI), the largest wholesale food distributor in North America and the main logistics partner for Amazon’s Whole Foods, has suffered a major cyberattack, severely impacting operations across the US and Canada.
The incident came to light through a regulatory filing, where the company disclosed “unauthorized activity” in its IT systems. In response, critical systems were taken offline, and a forensic investigation was launched in collaboration with law enforcement.
“We are assessing the unauthorized activity and working to restore our systems to safely bring them back online,” UNFI said in a statement.
Operational Disruptions and Contingency Efforts
UNFI operates 53 distribution centers and services over 30,000 retail locations, including supermarket chains, e-commerce platforms, and independent stores. The attack has led to widespread disruptions, with the company implementing manual workarounds to continue limited services.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
Although UNFI has not explicitly confirmed the nature of the attack, the scale and response suggest a likely ransomware incident, echoing similar threats recently faced by retail giants like Marks & Spencer, Harrods, and Co-op.
Retail Sector in the Crosshairs
Industry analysts are raising alarms about escalating cyber threats against retail infrastructure.
“Retail businesses are uniquely attractive – and vulnerable – targets,” said Warren O’Driscoll, Head of Security at NTT Data UK&I. “They operate on thin margins and any disruption to trade has immediate consequences.”
A recent Armis survey revealed that 41% of retail IT leaders reported increased threat activity in the past six months. Over 80% identified proactive cybersecurity as a top strategic priority for 2025.
“This is more than a wake-up call,” said Michael Freeman, Head of Threat Intelligence at Armis. “Retailers must evolve their security strategies and shift their mindset.”
FCRF x CERT-In Roll Out National Cyber Crisis Management Course to Prepare India’s Digital Defenders
Nation-State Concerns and Economic Impact
Experts warn that some ransomware actors may be state-affiliated, aiming not only for financial gain but also for economic disruption.
“With the UNFI attack, ransomware gangs smell blood in the water,” added O’Driscoll. “Each successful hit emboldens them and weakens national economic resilience.”
As recovery efforts continue, the United Natural Foods breach serves as another critical reminder of the retail industry’s growing exposure to cyber threats, especially those that can cripple supply chains and destabilize commerce.
About the author – Ayush Chaurasia is a postgraduate student passionate about cybersecurity, threat hunting, and global affairs. He explores the intersection of technology, psychology, national security, and geopolitics through insightful writing.