Business Resumes Regular Activity Following Cybersecurity Incident at UNFI

Business Resumes Regular Activity Following Cybersecurity Incident at UNFI

United Natural Foods Inc. (UNFI), the second-largest food and consumables retailer in North America according to Progressive Grocer's 2025 list, has contained a recent cyberattack and restored its core systems. The company, which operates more than 50 distribution centers and delivers health and specialty food to over 30,000 locations across the United States and Canada, experienced unauthorized activity with certain IT systems on June 5.

Despite the setback, UNFI had a successful quarter ending May 3, with net sales increasing by 7.5% to $8.1 billion. This growth was primarily due to a 4% increase in wholesale unit volumes, driven by new business with existing and new customers, as well as inflation. The natural product growth led the performance in Q3.

The company proactively took certain systems offline as part of its containment measures, and its electronic ordering and invoicing systems are now back online. UNFI has also restored its core systems used by retail customers and suppliers.

UNFI holds cybersecurity insurance that it expects will be adequate for the information breach. The full claim and settlement process for the cyberattack is expected to extend into UNFI's 2026 fiscal year. The company does not anticipate sending any notifications to individual consumers as a result of the cyberattack because it didn't involve a breach of security of personal information or protected health information.

As the retail sector faces increasingly sophisticated cyber threats, food retailers can better protect themselves by implementing a combination of technical, organizational, and procedural measures. Key strategies include employee training, multi-factor authentication, network segmentation and strict access controls, proactive incident response planning, regular vulnerability scanning and penetration testing, implementing information security management frameworks, third-party and supply chain risk management, managing privileged access and dormant accounts, and continuous monitoring of cloud and SaaS configurations. Additionally, cyber insurance can help mitigate financial impacts from cyber incidents and support recovery efforts.

UNFI, one of the largest publicly traded wholesale distributors of health and specialty food in North America, recently extended its agreement with Whole Foods to serve as its primary distributor for eight more years. The company is currently receiving orders and delivering products to its grocery store customers across North America, including Whole Foods Market locations.

However, the cyberattack has resulted in reduced sales volume and increased operational costs for UNFI. The company expects to incur direct expenses related to the investigation and remediation of the incident. Despite these challenges, UNFI remains committed to safeguarding its critical systems supporting eCommerce, supply chains, point-of-sale operations, and customer data.

References:

1. National Retail Federation. (2021). Cybersecurity best practices for retailers. Retrieved from https://nrf.com/resources/cybersecurity-best-practices-retailers
2. Cybersecurity & Infrastructure Security Agency. (2021). Retail sector guide. Retrieved from https://www.cisa.gov/sites/default/files/publications/Retail_Sector_Guide_508C.pdf
3. International Organization for Standardization. (2021). ISO 27001:2013 - Information technology -- Security techniques -- Information security management systems -- Requirements. Retrieved from https://www.iso.org/standard/45029.html
4. National Cyber Security Centre. (2021). Cybersecurity for retail organisations. Retrieved from https://www.ncsc.gov.uk/guidance/cybersecurity-retail-organisations
5. Cloud Security Alliance. (2021). Cloud security best practices. Retrieved from https://cloudsecurityalliance.org/best-practices/cloud-security-best-practices/
6. Amidst increasing cyber threats, UNFI, reinforcing its commitment to safeguarding its critical systems, plans to implement multiple layers of security measures, including employee training, network segmentation, proactive incident response planning, and cyber insurance, as recommended by industry experts.
7. In the wake of the cyberattack, UNFI, a prominent player in the food and consumables industry, recognizes the important role technology plays in its business operations and finance management. To further strengthen its defenses, the company is exploring the adoption of additional security measures such as multi-factor authentication, strict access controls, and regular vulnerability scanning.

Read also: