Whole Foods' Empty Shelves Cyberattack to Blame?

Cyberattack on Grocery Distributor Disrupts Whole Foods Supply Chain

A cyberattack targeting United Natural Foods (UNFI), a major wholesale grocery distributor and key supplier for Amazon's Whole Foods Market, has sent ripples through the food supply chain, leading to noticeable shortages on store shelves across the country.

The Rhode Island-based company, in a statement released on Monday, June 9th, confirmed that it proactively shut down several of its systems after detecting "unauthorized activity." This decisive action, though necessary, has resulted in temporary disruptions to their operations.

"As soon as we discovered the activity, an investigation was initiated with the help of leading forensics experts, and we have notified law enforcement," UNFI stated. "We are assessing the unauthorized activity and working to restore our systems to safely bring them back online."

The company initially detected the intrusion on Thursday, June 5th, and promptly filed a report with the U.S. Securities and Exchange Commission (SEC), acknowledging the potential for continued disruptions.

The impact is already being felt by consumers. Reports of empty shelves and product shortages are surfacing across social media, with shoppers expressing concern over the vulnerability of the food supply chain.

One X (formerly Twitter) user from San Diego posted:

"At Whole Foods just now. Lotsa shelves empty. I asked what's going on. One of the largest food distributors in the US got cyberattacked. That's umm troubling the food supply can be disrupted this way."

Specific details regarding the nature of the cyberattack remain scarce. UNFI has yet to confirm whether any data was compromised or if a specific perpetrator has been identified. As of now, no ransomware group has claimed responsibility for the attack, according to Straight Arrow News' analysis of dark web leak sites.

Grace Turiano, UNFI's director of external communications, assured the public that the company is diligently working to restore its systems. "We continue working steadily to safely restore our systems and provide the services our customers and suppliers know and expect from us," Turiano said in a statement to Straight Arrow News. "As of today, we're gradually bringing our ordering and receiving capabilities back online, with the goal of further increasing our capacity over the coming days."

UNFI's priorities are clear:

• Safely restore systems.
• Minimize disruptions to customers and suppliers.
• Cooperate with law enforcement and forensic experts.

According to an internal communication at Whole Foods, the recovery process could take "several days to resolve."

This incident underscores the growing threat of cybercrime targeting the food industry. In March, Sam's Club, owned by Walmart, also investigated a breach claimed by the ransomware group "Cl0p." This highlights a concerning trend that demands increased vigilance and robust cybersecurity measures across the entire food supply chain.

The cyberattack on United Natural Foods serves as a stark reminder of the interconnectedness of our modern systems and the potential consequences of cyber vulnerabilities. While the immediate impact is felt in sparsely stocked grocery shelves, the incident prompts a broader conversation about the importance of cybersecurity in protecting critical infrastructure and ensuring the stability of our food supply. Hopefully, UNFI's swift response and ongoing efforts will mitigate the long-term effects and prevent future disruptions.

Source: https://san.com/cc/grocery-wholesaler-shuts-down-systems-after-cyberattack-impacting-whole-foods/