While the nation’s food supply faces all sorts of threats, from diseases to tariffs to climate change, we are now faced with what can happen when the food supply is attacked by hackers, and not by directly targeting stores’ systems.

Instead, a hack of food distributor United Natural Foods (UNFI) hit Whole Foods and others hard, leading to shortages and empty shelves. It exposed the soft underbelly of supermarkets, where software, not just hard goods shortages, can be the target of attacks.

Providence, Rhode Island-based UNFI, which operates 52 food distribution centers and offers 250,000 products from more than 11,000 suppliers to 30,000 customer locations, reported “unauthorized activity in our systems.”

It shut down temporarily after the cyberattack revealed that a computer virus, like any disease, can put the nation’s food supply and supermarkets at risk. This disrupted ordering and deliveries, revealing how vulnerable the nation’s food infrastructure can still be to cyberattacks.

“Our frozen cooler is empty, our bread hearth is bare, and customers are increasingly upset,” a Whole Foods employee in Arkansas who was not authorized to speak on behalf of the company told CNN.

UNFI, which noted it has invested in cybersecurity, said this attack revealed vulnerabilities and the need to do more, even as its stock tumbled after the attack. Signs that read, “We are experiencing a temporary out-of-stock issue for some products” went up in some supermarkets.

“I think a company needs to be both high capability and humble when it relates to cybersecurity,” UNFI CEO Sandy Douglas said. “And this event is just a demonstrated example of why.”

Some supermarkets shifted temporarily to other wholesalers, while Amazon-owned Whole Foods, which operates more than 520 stores in the United States, found some of its shelves temporarily empty.

Grocery Dive quoted Gilpin Matthews, co-owner of Darlings Grocery in La Pointe, Wisconsin, as saying that he shifted to Minnesota-based grocery wholesaler Mason Brothers for some products, as well as Sysco, which supplies restaurants.

“Empty shelves don’t look good, and if people go in and they can’t get the things that they need… they’re going to go somewhere else,” Matthews told Grocery Dive. “We were just scrambling, because we had no notice.”

UNFI President and CFO Giorgio Matteo Tarditi said in a Securities and Exchange Commission (SEC) filing that the cyberattack “temporarily impacted the company’s ability to fulfill and distribute customer orders.”

While this attack attracted attention, it came after a string of ransomware and extortion hacks of retailers and supermarkets in the United Kingdom in April, which were widely attributed to the cybercrime organization Scattered Spider.

That group with global reach reportedly began focusing on the United States in May, possibly including the UNFI cyberattack.

The Rise & Risk of Advanced Technology

The latest attack raises issues such as resilience, redundancy, and preparedness of grocery stores, which rely heavily on logistics, delivery, and the technology that allows this to go smoothly.

In today’s highly competitive market, food and beverage distributors increasingly rely on advanced technology to streamline operations, optimize supply chains, and deliver outstanding customer service. From real-time inventory tracking to predictive ordering and route optimization, nearly every aspect of the modern distribution business is powered by data. As the value and sensitivity of this data grows, so does the importance of securing and protecting it.

Technology has become the backbone of food and beverage distribution for distributors who now utilize sophisticated Enterprise Resource Planning (ERP) systems, warehouse management solutions, and Internet of Things (IoT) devices to gather and analyze data at every stage — from procurement to delivery.

These technologies generate a wealth of information on inventory levels, customer orders, supply chain logistics, and regulatory compliance.

For instance, real-time temperature and humidity sensors can track perishable goods in transit, while analytics platforms help forecast demand and reduce waste. The resulting data not only drives efficiency but also provides actionable insights that can enhance profitability and customer satisfaction.

Single Suppliers or Dozens of Distributors?

Relying on single suppliers, which can provide the best rates, also aggregates risk. According to Grocery Dive, Orcas Food Co-op, a UNFI customer in Eastsound, Washington, also obtains products from dozens of local suppliers.

“We’re not overly reliant on a single supplier,” an Orcas Food Co-op spokesman told Grocery Dive. “This is just a good chance to highlight to our members a lot of the other producers we work with directly.”

Still, smaller suppliers indicated they were unaware of what was occurring and caught in the middle.

By June 10, UNFI reported in a third-quarter earnings call that net sales had increased 7.5% to $8.1 billion and a $7 million net loss.

“In the near term, we are focused on diligently managing through the cyber incident we announced yesterday to rapidly and safely restore our capabilities,” CEO Sandy Douglas said, “while helping our customers with short-term solutions wherever possible.”

UNFI, whose slogan is “Better Foods. Better Future.” may face lawsuits in case the company is in any way culpable.

Law firm Levi & Korsinsky said it is investigating UNFI to see if federal securities laws were violated.

UNFI disclosed in a June 9 SEC filing that after becoming aware of unauthorized activity in its systems, it “promptly activated its incident response plan and implemented containment measures, including proactively taking certain systems offline, which has temporarily impacted the Company’s ability to fulfill and distribute customer orders.”

Craving More Cyber Controls

This recent attack demonstrates the need for tighter cybersecurity controls, while many companies have not even had a penetration assessment. Having redundancy with suppliers is also another mitigating factor. Finally, proper insurance coverage may ease the pain. Every company should take proactive and meaningful measures to avoid cyberattacks, or it could face the problems illustrated in this situation.

With increased reliance on digital tools comes an increased risk of cyberattacks, data breaches, and system disruptions. Food and beverage distributors often handle sensitive information, such as proprietary recipes, supplier contracts, payment details, and customer data. A security breach could disrupt business operations, damage trust, and lead to regulatory penalties.

Therefore, data security has become a top priority. Distributors are adopting multi-layered cybersecurity strategies, including data encryption in transit and at rest, regular security audits, and robust access controls.

Cloud service providers used by distributors are often required to comply with industry-standard certifications (such as ISO 27001 or SOC 2) to ensure the integrity and confidentiality of stored data. The nature of the food and beverage industry often involves complex supply chains with multiple partners and vendors.

As technology continues to evolve, so will the ways food and beverage distributors use —and protect — data. Artificial intelligence and machine learning are poised to bring even more advanced analytics and automation to the industry, underscoring the need for robust data security frameworks.

In summary, technology and data are critical drivers for food and beverage distribution success. Still, their full potential can only be realized if distributors prioritize data security and protection at every level. By taking a proactive approach, these businesses can safeguard their operations, build trust, and deliver greater value to their partners and customers.