UNFI Successfully Restores Core Systems Following Cybersecurity Incident

United Natural Foods, Inc. (UNFI), a prominent grocery wholesaler and key distributor for Whole Foods, has successfully restored its core operational systems following a recent cyberattack. The company announced on June 27, 2025, that it has revived its electronic ordering and invoicing systems, which had been significantly impacted by the attack.

The organization confirmed that the incident had been contained and that product deliveries to retail locations have returned to largely normalized levels. In a recent filing with the Securities and Exchange Commission (SEC), UNFI indicated a belief that the cyber incident is likely to materially affect its net income and adjusted EBITDA for the fourth fiscal quarter of 2025.

In the aftermath of the attack, UNFI experienced diminished sales volumes and escalated operational costs while striving to deliver solutions for its customers. The company noted that it has incurred and will continue to incur direct expenses tied to the investigation and remediation of the breach.

UNFI also expressed confidence in its cybersecurity insurance, asserting that it anticipates this coverage will be sufficient to address the incident’s financial repercussions, although the complete claims and settlements process may extend into the 2026 fiscal year.

Earlier in June, UNFI disclosed that the cyberattack on June 5 disrupted customer orders and led to temporary business interruptions, compelling the company to take certain systems offline. The breach became public knowledge following widespread employee reports on social media of system outages and subsequent shift cancellations.

Since the breach was detected, UNFI has engaged external cybersecurity professionals to conduct a thorough investigation and has notified law enforcement authorities. While the exact nature of the attack remains undisclosed and no ransomware group has claimed responsibility, the company indicated it does not expect to notify individual consumers as the incident did not involve breaches of personal or protected health information.

Headquartered in Rhode Island, UNFI reported $31 billion in annual revenue as of August 2024. Employing over 28,000 individuals and partnering with more than 11,000 suppliers across 53 distribution centers, UNFI delivers fresh and frozen goods to over 30,000 locations throughout the U.S. and Canada, including major supermarket chains, e-commerce platforms, and independent retailers.

This incident positions UNFI alongside other food industry entities that have faced similar cybersecurity challenges. Recently, Sam’s Club initiated an investigation into a ransomware breach linked to the Clop group, while JBS Foods paid an $11 million ransom in 2021 after a cyberattack from the REvil group that disrupted production across multiple sites globally.

Furthermore, recent cybercriminal activity, including attacks attributed to the Scattered Spider and DragonForce ransomware operations, has increasingly targeted retailers in the U.K., with indications of these threats now shifting toward U.S. companies, including both retail and insurance sectors.