The food and beverage industry faces significant threats.
Criminals aiming to extort intellectual property, personal data, and funds from suppliers, retailers, and manufacturers are attacking the sector, with alarming success.
Recently, Marks & Spencer and Co-op were targeted in quick succession, leading to empty shelves, halted online payments, compromised employee and customer information, and ransom demands.
Hackers accessed these retailers’ systems by impersonating employees and requesting password resets through the companies’ IT help desks.
Now, a significant player in the food distribution sector has also fallen prey to cybercriminals.
Cybercriminals Target Another Victim
United Natural Foods Inc. (UNFI), the main distributor for Whole Foods in the U.S., has taken steps to go offline after hackers infiltrated their systems.
“We have identified unauthorised activity in our systems and have proactively taken some systems offline while we investigate,” stated a company spokesperson. “As soon as we discovered the activity, an investigation was initiated with the help of leading forensics experts and we have notified law enforcement. We are assessing the unauthorised activity and working to restore our systems to safely bring them back online.”
The Amazon-owned company, which produces private label products for several supermarkets including Whole Foods, has not disclosed details regarding the nature of the attack or any potential data breaches.
However, shoppers have reported empty shelves at Whole Foods locations, with signage indicating the store is “experiencing a temporary out of stock issue for some products.”
To date, no ransomware groups have claimed responsibility for this breach.