United Natural Foods, also known as UNF, a key supplier to Amazon-owned Whole Foods Market, was targeted by a cyber attack on June 5th, 2023. According to an official statement, the company has launched a full-scale investigation into the breach, which involved unauthorized access to its core systems. As a result, UNF warned that the disruption might cause a supply shortage in certain markets due to the impact on its operations.
UNF’s IT team has confirmed that the attack appears to be ransomware-related, with critical admin applications being hit hardest. This incident could potentially cause delays in food supply chains, affecting the delivery of fresh produce and packaged goods to over 30,000 locations across North America, including Whole Foods. However, the company is working tirelessly to restore its systems and mitigate any long-term effects on its supply chain.
While UNF has yet to submit a full report to the U.S. Securities and Exchange Commission (SEC), its IT department is actively investigating the extent of the cyber attack. The company has promised to provide timely updates as the situation develops.
This is not the first time a large corporation has fallen victim to a cyber attack this year. In April and May, UK-based retailer Marks & Spencer (M&S) experienced a similar breach, later linked to DragonForce ransomware. The attack caused millions in losses and disrupted their operations. Other high-profile cyber incidents in the UK, including attacks on Harrods and Co-op, have also raised concerns about the increasing vulnerability of large-scale retail and supply chain businesses.
Experts believe that cybercriminals have shifted their focus this year toward attacking supply chain operations and retail companies, seeking ransom payments by exploiting the risk of major disruptions. Ransomware gangs have targeted these industries because any breach could cause delays or shortages, prompting the victim to pay to restore encrypted data.
In the case of the UK-based M&S attack, ransom notes were sent directly to the company’s CEO, who had recently received a significant pay rise and incentives. Marks & Spencer confirmed the validity of the claims, while other businesses have yet to provide official statements on similar ransom notes sent to their leadership.
It’s important to note that with ransomware attacks evolving into double or even triple extortion schemes, there’s no guarantee that paying the ransom will result in the return of a decryption key. Experts recommend recovering from backups, if possible, and reporting the incident to law enforcement. This can help authorities track down the perpetrators, potentially leading to reimbursement for the victim.
As the investigation into UNF’s cyber-attack continues, businesses across industries are being urged to enhance their cybersecurity measures to protect their supply chains and prevent future disruptions.
Join our LinkedIn group Information Security Community!
