Cyberattack forces grocery wholesale giant United Natural Foods to shut down systems

United Natural Foods, Inc. (UNFI), the largest publicly traded wholesale food distributor in North America, has disclosed a significant cybersecurity incident that forced the company to take parts of its systems offline, resulting in disruptions to its supply chain operations. The Rhode Island-based company confirmed the cyberattack in a filing with the U.S. Securities and Exchange Commission and a press release issued on June 6, 2025.

The attack was discovered on Thursday, June 5, prompting the immediate activation of UNFI’s incident response plan. The company implemented containment measures that included proactively shutting down some systems, which temporarily affected its ability to process and distribute customer orders.

“The Company promptly activated its incident response plan and implemented containment measures, including proactively taking certain systems offline, which has temporarily impacted the Company’s ability to fulfill and distribute customer orders,” the statement read. “The incident has caused, and is expected to continue to cause, temporary disruptions to the Company’s business operations.”

UNFI operates 53 distribution centers and supplies a vast range of fresh and frozen food products to more than 30,000 customer locations across the United States and Canada. Its client base includes major supermarket chains, natural product superstores, independent retailers, e-commerce platforms, and food service businesses. In August 2024, UNFI reported $31 billion in annual revenues and maintains partnerships with over 11,000 suppliers while employing more than 28,000 workers.

In response to the breach, the company has enlisted third-party cybersecurity experts to assist in the investigation and remediation process. UNFI also reported the incident to law enforcement and is working to bring its systems safely back online.

“As part of its business continuity plans, the Company has implemented workarounds for certain operations in order to continue servicing its customers where possible,” the company noted. “The Company is continuing to work to restore its systems to safely bring them back online.”

Although widespread reports surfaced on social media suggesting system outages and shift cancellations for employees as early as Thursday, UNFI has yet to confirm specific operational impacts or the type of cyberattack involved. The company has not indicated whether any data was exfiltrated or if the breach involved ransomware. No threat group has claimed responsibility as of this time. A UNFI spokesperson was not immediately available for further comment.