Whole Foods' working to restock shelves as distributor faces cyberattack: Reports

LOS ANGELES - A major supplier to Whole Foods has paused deliveries across the country following a cyberattack that disabled its ordering systems, raising concerns about potential product shortages and empty shelves.

United Natural Foods, Inc. (UNFI), a $31 billion distributor of organic and natural goods, said in a regulatory filing Monday that it "identified unauthorized activity in our systems" and is now working with law enforcement and third-party cybersecurity experts to investigate.

The company, which is based in Rhode Island, told retail partners over the weekend that there would be no deliveries Monday and that it did not know when regular operations would resume, according to reporting by the New York Post.

How the cyberattack is disrupting grocery chains

The backstory:

The impact is already being felt by grocers nationwide. "It’s bringing the company to a standstill with no orders generated and no orders coming in," Steve Schwartz, director of sales at the New York-based Morton Williams grocery chain, told the New York Post.

UNFI supplies a wide range of products — including frozen foods, dairy, and beverages — to Whole Foods and other retail chains. Morton Williams stores reported shortages in products like Stonyfield yogurt and La Croix sparkling water, prompting them to contact alternative suppliers in case the disruption continues.

Bakeries and smaller retailers voiced more immediate concerns online. "We’re out of components to make the cakes and tarts so we’ll have an empty case," one bakery posted, noting they’d already sold out of most items the night before. Another person identifying as a scratch bakery employee said they didn’t receive even the basics — flour or cake blanks — during one of the busiest weeks of the year.

What they're saying:

Employees within UNFI have posted anonymously about the outage on Reddit, reporting that internal systems went down nationwide last Friday around 3:30 p.m. "They’ve been calling us in every day since to come pick y’all’s groceries in hopes that our systems come back on," one user wrote. "So far that has not been the case. That’s all we know, corporate isn’t telling us s—."

Another employee said they were told by a branch VP that even once systems return, recovery would happen in phases and would take time to stabilize. "It’s a mystery as of yet what is going to happen and how long it’s going to be until things are back to normal," they wrote.

Why you should care:

UNFI is a core part of the supply chain for Whole Foods and other grocery stores across the U.S. A prolonged disruption could mean not only empty shelves but further strain on an already fragile food distribution network still recovering from pandemic-era supply shocks.

Cybersecurity experts say this is part of a growing pattern. "What we are seeing with UNFI and, just last week, with Victoria’s Secret, reflects a growing trend: threat actors are targeting critical infrastructure and high-traffic consumer platforms for maximum disruption and financial leverage," said Adrianus Warmenhoven, a cybersecurity expert at NordVPN, in a statement to the New York Post.

What's next:

UNFI is continuing to investigate the attack and has not provided a timeline for when deliveries will resume. Whole Foods has not yet commented publicly. 

UNFI is scheduled to report third-quarter results on June 10. Its shares fell more than 8% on Monday.