In June 2025, one of the largest grocery distributors in North America, United Natural Foods Inc. (UNFI), suffered a paralyzing cyberattack. As the company’s fulfillment systems were brought to a halt for almost 10 days, multiple stores across the U.S. reported shortages. This meant empty shelves at many Whole Foods locations, one of UNFI’s major customers.
The financial loss because of the disruption was estimated to be at least $350 million in sales for UNFI, plus extra costs incurred as the company transitioned to manual operations and the millions spent on external cybersecurity and legal experts to solve the issue1.
Earlier this year, Google’s Threat Intelligence Group warned of a cybercrime wave that had crippled multiple British retailers and was then targeting U.S. firms’ supply chains. The timing was no coincidence. Sophisticated attackers, whether organized crime or state-sponsored groups, have turned their sights to modern supply chains.