United Natural Foods (UNFI), a leading US grocery distribution company, said Tuesday it is working to restore its capabilities following a cyberattack that continues to disrupt its grocery supply chain.
UNFI said it was “deeply managing it through cyber incidents” as part of its third quarter revenue report. The company “helps our customers with the shortest possible solution,” UNFI CEO Sandy Douglas said in a prepared statement.
During the company's post-reconstruction conference call, Douglas said UNFI “continues to restore the system back online and restore a wide range of customer service as quickly as possible.”
The company, a leading distributor of Amazon-owned Whole Foods, has supplyed over 250,000 grocery store products, including Frozen products, and on Monday identified unauthorized access to IT systems. Douglas said in a call Tuesday that the company has shut down its entire network.
The company does not explain the nature of the cyberattacks, but said that intrusions cause continuous disruption to operations, including their ability to meet and distribute customer orders.
Douglas has called on investors that the company is shipping to customers “on a limited basis.”
A UNFI customer told TechCrunch that they were trying out new products at Whole Foods stores this week, but told them that much of the supply has not been delivered. Customers said they hadn't heard anything about the confusion from either UNFI or Whole Foods.
TechCrunch has heard anecdotal reports of reduced shelves or empty shelves in some stores affected by the UNFI disruption, but it is not immediately clear whether this is due to cyberattacks or other supply chain issues. Much of the downstream real-world impact on grocery stores and their customers may not be seen until later this week.
Whole Foods has not returned requests for comment from TechCrunch. Reuters said a Whole Foods spokesman said the retailer was “working to fill the shelves as quickly as possible” and introduced additional questions to UNFI.
It is not clear how much UNFI spent on cybersecurity, or who ultimately is responsible for the company's cybersecurity.
A UNFI spokesman did not respond to a request for comment when contacted by TechCrunch on Tuesday.
According to a TechCrunch check, many of UNFI's external systems are offline, including the web systems used by suppliers and customers, as well as the company's VPN products.
UNFI reported $8.1 billion in net sales for the quarter ended May 3, 2025. The company said it expects to report net income and earnings per share losses in its 2025 outlook after its contract with the grocery chain's operations in the Northeastern US, but has not been adjusted for a “continuous valuation” during this period.
Do you know more about cyberattacks in UNFI? Are you a customer of a company affected by the confusion? You can safely contact this reporter via a message encrypted with Zackwhittaker.1337.