United Natural Foods, the main distributor for Amazon’s Whole Foods, has been targeted in a cyber attack that has caused limited disruption to the company’s operations. Some of its impacted systems were also taken offline as part of containment measures.
According to its filing with the SEC, the company claims it detected unauthorised activity on its IT systems on June 5. Several affected systems had to be taken offline, affecting the company’s ability to fulfil and distribute customer orders. Additionally, the incident is expected to cause further disruptions to business operations.
The distributor is currently investigating the issue with law enforcement and cybersecurity experts, but no additional information about the attack has been shared at the moment. It does claim it has implemented “workarounds for certain operations in order to continue servicing its customers where possible,” so customer orders should eventually be delivered.
There has been a steady rise in cyberattacks targeting distributors, retail stores, and more in 2025. Most of these attacks follow the same pattern as the one seen here, and end up being ransomware attacks where a cybercriminal group gains access to a retailer’s customer data and wants to ransom it for money.
Retailers make good targets for ransomware groups because of the data they hold on their customers. This data often involves things like full addresses, payment details, and phone numbers, which can be exploited to carry out anything from identity theft to full-scale financial fraud. So even if the targeted company refuses to pay a ransom, the hackers can still find buyers willing to pay good money for the stolen data on underground hacking forums.
Of course, United Natural Foods hasn’t confirmed that this was indeed a ransomware attack, but it bears the usual hallmarks of one. In case it does indeed turn out to be one, how the company deals with the cybercrooks controls what happens to your data.
In the News: Google fixes bug leaking account phone numbers
