Huge Food Wholesaler Paralyzed by Hack — is it Scattered Spider Again?

We were warned this would happen. And now here we are.

United Natural Foods (UNFI) has had to switch off systems after a cyberattack, crippling its operations. This is a huge deal, because UNFI is a big part of the grocery distribution network in the U.S. and Canada.

Once again, it looks like the work of UNC3944, a/k/a “Scattered Spider.” In today’s SB Blogwatch, we hoard canned goods.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Farewell, Skype sounds.

UNFInished Business

What’s the craic? Sergiu Gatlan reports: Grocery wholesale giant United Natural Foods hit by cyberattack

Attacks linked to Scattered Spider
UNFI, North America’s largest publicly traded wholesale [food] distributor, was forced to shut down some systems following a recent cyberattack. … This disclosure follows widespread reports … since Thursday that the company’s systems were down and employees were having their shifts canceled.

The Rhode Island-based company operates 53 distribution centers and delivers fresh and frozen products to over 30,000 locations. [It] reported $31 billion in annual revenues in August 2024, works with more than 11,000 suppliers, and has over 28,000 employees.

UNFI has not yet revealed the nature of the attack or whether the attackers stole any data. … No ransomware operations have claimed responsibility for the breach. … Over the last months, attacks linked to Scattered Spider threat actors and the DragonForce ransomware operation have also targeted retailers across the United Kingdom (including Harrods) … and recently switched their attention to U.S. companies.

Those scrotes again? AJ Vicens and Raphael Satter have more: Whole Foods supplier United Natural Foods says cyber incident disrupted operations

Whole Foods
In the past, disruptions that caused companies to take actions similar to those it described have often been linked to ransomware incidents, where extortion-minded cybercriminals disable a firm’s computers by encrypting them, promising to release the decryption key only in exchange for massive cryptocurrency payments. … Shares of United Natural fell more than 8% during Monday’s session and closed down by almost 7% at $25.94.

United Natural Foods is the largest publicly traded wholesale distributor of “healthier food options” in the U.S. and Canada, according to its website. In May 2024 the company announced an eight-year extension to serve as primary distributor for Amazon-owned Whole Foods. … A Whole Foods spokesperson [said] the company was “working to restock our shelves as quickly as possible.”

Horse’s mouth? Thus spoke spokes Kristen Jimenez and Grace Turiano: UNFI Systems Update

Our highest priority
We have identified unauthorized activity in our systems and have proactively taken some systems offline while we investigate. As soon as we discovered the activity, an investigation was initiated with the help of leading forensics experts.

We are assessing the unauthorized activity and working to restore our systems to safely bring them back online. As we work through this issue, our customers, suppliers, and associates are our highest priority. We are working closely with them to minimize disruption as much as possible.

What’s happening on the ground? u/Prestigious_Peace761 claims to work there:

[Supervisor] said they had cyber attack meeting last week and on Thursday last week we had fire drill then Friday it all went down from there. And last week there was a new update in the system they think it was a fake update that caused the attack.

We did the past 2 days on paper. I asked my supervisor before I left today; he said it will be same way tomorrow as well.

Schadenfreude, anyone? CEC-P just laughs:

Oh darn. I find this especially funny because:
1. grocery store IT systems are right up there with bowling alleys,
2. their competitor is one of our largest customers.

What a shame for Jeff Bezos, though. u/Impossible-Tax1033 points out the real victims:

Sadly it’s not just Bezos: UNFI supplies the [National Cooperative Grocers Association], which is a buying group of 500 small co-ops. So … it actually hurts the little guy much much more.

How does this happen? rsilvergun counts the ways:

All the market consolidation [means] a small disruption in a single company can completely **** up our entire food supply. Like how there is two factories making all of the baby formula in the entire freaking country. So we had a massive baby formula shortage when one of the two factories had to shut down because of rampant safety violations. … Enjoy your $800 a month grocery bill.

The outsourcing of UNFI’s IT to low-wage economies hasn’t escaped people’s notice. People such as u/Fit-Remove-6597, for example:

Karma for laying off critical IT workers and offshoring them. Now they get to pay a third party 10x more to fix the issue.

Buy cheap—buy twice? That seems to be MachDiamond’s POV:

One would hope this company has learned that computer security is cheaper than not being able to deliver and possibly losing some key accounts.

Meanwhile, YuppieScum dreams of an alternate universe:

Or, … if this were the headline, perhaps we’d see fewer of them: …
Insecure IT systems at Fortune 500 company cause loss of shareholder value. CIO/CTO fired and charges of criminal negligence pending.

And Finally:

Finally! Now it can be told.

Hat tip: simbosan


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.

Image sauce: Aritras Saha (via Unsplash; leveled and cropped)