Latest news with #GilpinMatthews
Forbes
24-06-2025
- Business
- Forbes
Cyberattack Reveals Soft Underbelly Of Supermarket Food Supply
The recent cyberattack on food distributor UNFI has revealed the likelihood of other data ... More vulnerabilities throughout the F&B space. While the nation's food supply faces all sorts of threats, from diseases to tariffs to climate change, we are now faced with what can happen when the food supply is attacked by hackers, and not by directly targeting stores' systems. Instead, a hack of food distributor United Natural Foods (UNFI) hit Whole Foods and others hard, leading to shortages and empty shelves. It exposed the soft underbelly of supermarkets, where software, not just hard goods shortages, can be the target of attacks. Providence, Rhode Island-based UNFI, which operates 52 food distribution centers and offers 250,000 products from more than 11,000 suppliers to 30,000 customer locations, reported "unauthorized activity in our systems." It shut down temporarily after the cyberattack revealed that a computer virus, like any disease, can put the nation's food supply and supermarkets at risk. This disrupted ordering and deliveries, revealing how vulnerable the nation's food infrastructure can still be to cyberattacks. 'Our frozen cooler is empty, our bread hearth is bare, and customers are increasingly upset," a Whole Foods employee in Arkansas who was not authorized to speak on behalf of the company told CNN. UNFI, which noted it has invested in cybersecurity, said this attack revealed vulnerabilities and the need to do more, even as its stock tumbled after the attack. Signs that read, 'We are experiencing a temporary out-of-stock issue for some products' went up in some supermarkets. 'I think a company needs to be both high capability and humble when it relates to cybersecurity,' UNFI CEO Sandy Douglas said. 'And this event is just a demonstrated example of why.' Some supermarkets shifted temporarily to other wholesalers, while Amazon-owned Whole Foods, which operates more than 520 stores in the United States, found some of its shelves temporarily empty. Grocery Dive quoted Gilpin Matthews, co-owner of Darlings Grocery in La Pointe, Wisconsin, as saying that he shifted to Minnesota-based grocery wholesaler Mason Brothers for some products, as well as Sysco, which supplies restaurants. 'Empty shelves don't look good, and if people go in and they can't get the things that they need… they're going to go somewhere else,' Matthews told Grocery Dive. 'We were just scrambling, because we had no notice.' UNFI President and CFO Giorgio Matteo Tarditi said in a Securities and Exchange Commission (SEC) filing that the cyberattack 'temporarily impacted the company's ability to fulfill and distribute customer orders.' While some supermarkets found their shelves empty after the cyberattack, others temporarily shifted ... More to other wholesalers. While this attack attracted attention, it came after a string of ransomware and extortion hacks of retailers and supermarkets in the United Kingdom in April, which were widely attributed to the cybercrime organization Scattered Spider. That group with global reach reportedly began focusing on the United States in May, possibly including the UNFI cyberattack. The Rise & Risk of Advanced Technology The latest attack raises issues such as resilience, redundancy, and preparedness of grocery stores, which rely heavily on logistics, delivery, and the technology that allows this to go smoothly. In today's highly competitive market, food and beverage distributors increasingly rely on advanced technology to streamline operations, optimize supply chains, and deliver outstanding customer service. From real-time inventory tracking to predictive ordering and route optimization, nearly every aspect of the modern distribution business is powered by data. As the value and sensitivity of this data grows, so does the importance of securing and protecting it. Technology has become the backbone of food and beverage distribution for distributors who now utilize sophisticated Enterprise Resource Planning (ERP) systems, warehouse management solutions, and Internet of Things (IoT) devices to gather and analyze data at every stage — from procurement to delivery. Advanced technology has helped wholesalers optimize their supply chain and monitor inventory in ... More real-time. These technologies generate a wealth of information on inventory levels, customer orders, supply chain logistics, and regulatory compliance. For instance, real-time temperature and humidity sensors can track perishable goods in transit, while analytics platforms help forecast demand and reduce waste. The resulting data not only drives efficiency but also provides actionable insights that can enhance profitability and customer satisfaction. Single Suppliers or Dozens of Distributors? Relying on single suppliers, which can provide the best rates, also aggregates risk. According to Grocery Dive, Orcas Food Co-op, a UNFI customer in Eastsound, Washington, also obtains products from dozens of local suppliers. 'We're not overly reliant on a single supplier,' an Orcas Food Co-op spokesman told Grocery Dive. 'This is just a good chance to highlight to our members a lot of the other producers we work with directly.' Still, smaller suppliers indicated they were unaware of what was occurring and caught in the middle. By June 10, UNFI reported in a third-quarter earnings call that net sales had increased 7.5% to $8.1 billion and a $7 million net loss. 'In the near term, we are focused on diligently managing through the cyber incident we announced yesterday to rapidly and safely restore our capabilities,' CEO Sandy Douglas said, 'while helping our customers with short-term solutions wherever possible.' Stronger cybersecurity measures and the implementation of penetration testing can help companies be ... More more proactive about the safety of their data. UNFI, whose slogan is 'Better Foods. Better Future.' may face lawsuits in case the company is in any way culpable. Law firm Levi & Korsinsky said it is investigating UNFI to see if federal securities laws were violated. UNFI disclosed in a June 9 SEC filing that after becoming aware of unauthorized activity in its systems, it "promptly activated its incident response plan and implemented containment measures, including proactively taking certain systems offline, which has temporarily impacted the Company's ability to fulfill and distribute customer orders." Craving More Cyber Controls This recent attack demonstrates the need for tighter cybersecurity controls, while many companies have not even had a penetration assessment. Having redundancy with suppliers is also another mitigating factor. Finally, proper insurance coverage may ease the pain. Every company should take proactive and meaningful measures to avoid cyberattacks, or it could face the problems illustrated in this situation. With increased reliance on digital tools comes an increased risk of cyberattacks, data breaches, and system disruptions. Food and beverage distributors often handle sensitive information, such as proprietary recipes, supplier contracts, payment details, and customer data. A security breach could disrupt business operations, damage trust, and lead to regulatory penalties. Therefore, data security has become a top priority. Distributors are adopting multi-layered cybersecurity strategies, including data encryption in transit and at rest, regular security audits, and robust access controls. Diseases, tariffs, climate change, and now hackers, all pose a threat to the nation's food supply. Cloud service providers used by distributors are often required to comply with industry-standard certifications (such as ISO 27001 or SOC 2) to ensure the integrity and confidentiality of stored data. The nature of the food and beverage industry often involves complex supply chains with multiple partners and vendors. As technology continues to evolve, so will the ways food and beverage distributors use —and protect — data. Artificial intelligence and machine learning are poised to bring even more advanced analytics and automation to the industry, underscoring the need for robust data security frameworks. In summary, technology and data are critical drivers for food and beverage distribution success. Still, their full potential can only be realized if distributors prioritize data security and protection at every level. By taking a proactive approach, these businesses can safeguard their operations, build trust, and deliver greater value to their partners and customers.
Miami Herald
16-06-2025
- Business
- Miami Herald
How the cyberattack against UNFI affected four independent grocers
United Natural Foods, Inc. is continuing to rely on manual procedures to receive and fulfill orders from customers as it works to recover from a cyberattack that compelled the grocery wholesaler to entirely shut down its online platform on June 6, a UNFI spokesperson said Monday. UNFI has not indicated when it expects to resume processing orders online, but said in a statement posted on its website on Sunday that it has "made significant progress toward safely restoring our electronic ordering systems, which will allow us to serve the customers that order through these systems in a more automated way and continue to increase our operational capacity." Gilpin Matthews, co-owner of Darlings Grocery, a natural foods retailer in La Pointe, Wisconsin, that relies on UNFI for about two-thirds of the products it sells, said he realized something was wrong when he put in his order on June 8 but did not receive confirmation from the distributor. To help keep his store's shelves stocked in the absence of the UNFI delivery he normally receives, Matthews turned to Minnesota-based grocery wholesaler Mason Brothers, which supplies Darlings with conventional products such as canned goods. But that meant Darlings was unable last week to provide shoppers with the full range of organic products it ordinarily sells, because Mason Brothers doesn't offer as large a selection of those goods as UNFI, Matthews said. Matthews also turned to foodservice company Sysco, which supplies products for a restaurant he owns, to obtain conventional produce. "Empty shelves don't look good, and if people go in and they can't get the things that they need … they're going to go somewhere else," Matthews said. "We were just scrambling, because we had no notice." Occupying a former convenience store space, Darlings has limited cold storage space, so it is especially dependent on regular deliveries, Matthews added. He noted that determining what quantity of goods to order from alternative suppliers poses a particular challenge, because the natural foods store will likely not be able to sell conventional products it brings in and substitutes once its regular orders from UNFI resume. Orcas Food Co-op also turned to third-party suppliers after its regular delivery from UNFI didn't arrive last week, said Learner Limbach, the grocer's chief cooperative officer. The co-op, located in Eastsound, Washington, relies on UNFI for a significant percentage of the goods it sells, but also sources products from dozens of local suppliers. "We're not overly reliant on a single supplier," Limbach said. "This is just a good chance to highlight to our members a lot of the other producers we work with directly." When Charley Family Shop 'n Save in Greensburg, Pennsylvania, found out on June 7 about UNFI's system issues, the grocer quickly reached out to organization including the National Grocers Association, Tom Charley, co-owner of the grocer, said in a video posted on social media last week. That networking helped the grocer connect with MDI, a wholesaler based in North Carolina, Charley said. Partnering with MDI as well as tapping local and fresh suppliers helped the store stay almost fully stocked as the UNFI disruptions continued, Charley added, noting that the store's management team adjusted "on the fly" to these challenges. "It's not like you can just typically find a supplier that can supply all of the grocery, dairy and frozen needs of a grocery store that you've never done business with," Charley said. Eric Siperas, manager of a LaBonne's Markets location in Salisbury, Connecticut, pointed out that grocers benefit by contracting with a primary distributor because they are able to get better pricing by doing so. LaBonne's, which runs four supermarkets that sell mostly conventional products, sources the majority of its groceries from Connecticut-based grocery distributor Bozzuto's, but obtains some natural and gluten-free products from UNFI. LaBonne's can only use alternative suppliers for items that Bozzuto's doesn't offer because of its arrangement with the distributor, Siperas said. Siperas said LaBonne's ran out of some items that it ordinarily gets from UNFI last week because it was unable to submit an order on June 7, but that the disruption did not pose a significant problem for the grocer. He added that he was able to access UNFI's portal on Saturday to place an order for this week. The cyberattack also hurt UNFI's ability to serve stores run by Whole Foods Market, its most visible customer. A Whole Foods spokesperson said last week that the chain was working to restock its stores but referred questions about UNFI's ability to fulfill its orders to the distributor. The UNFI spokesperson said the company was unable to comment on its ability to serve specific customers. UNFI said in an emailed statement on Monday that pharmacies operated by its Cub grocery chain are again able to fill prescriptions following disruptions related to the cyberattack last week. Copyright 2025 Industry Dive. All rights reserved.
