On June 5, United Natural Foods, Inc. (UNFI), a major grocery distributor and retailer, disclosed a cybersecurity incident involving unauthorized activity on its IT systems. In response, UNFI took certain systems offline and initiated an internal investigation supported by law enforcement and third-party cybersecurity experts. While the company has not publicly detailed the scope of the impact, it has confirmed that some operations are temporarily disrupted. UNFI is implementing workarounds to maintain service where possible and is working to bring affected systems safely back online.
Unpacking the incident
- On June 5, UNFI detected unauthorized activity within its IT systems.
- The company proactively took certain systems offline to contain the breach and prevent further impact.
- UNFI began working with leading digital forensics experts and notified law enforcement to support its investigation.
- As of early the following week, temporary disruptions to operations were ongoing, according to a company statement.
Behind the scenes
UNFI is actively managing the situation and prioritizing business continuity.
Additional response steps include:
- Engaging third-party cybersecurity professionals to support internal teams.
- Developing temporary workarounds to keep essential services running “where possible.”
- Communicating transparently with stakeholders and regulatory bodies via official filings.
While specific systems or service lines were not identified, UNFI indicated it is taking a methodical approach to recovery, emphasizing the importance of restoring systems securely and fully.
UNFI’s role in the food supply landscape
UNFI is a major distributor of food and non-food items to approximately 30,000 retail locations across the U.S., according to its latest annual report. It maintains a long-term distribution agreement with Whole Foods Market, running through 2032, and also operates its own retail banners, including Cub Foods and Shoppers.
This event follows a growing trend of cyber incidents targeting large supply chain and retail organizations. In late 2024, Ahold Delhaize experienced a similar breach that temporarily suspended e-commerce functions at several U.S. banners, including Hannaford.
Key points to consider
- UNFI detected and disclosed a cybersecurity incident on June 5, 2025.
- The company is working with forensics teams and law enforcement to assess and resolve the situation.
- Some systems have been taken offline as a precaution; temporary service disruptions are ongoing.
- Workarounds are in place to support continuity where feasible.
Lessons in resilience: what the incident teaches ingredient sourcing
The UNFI incident illustrates how cybersecurity events can intersect with supply chain stability. While the company has not released details on specific service interruptions, the case highlights the importance of:
- Digital preparedness in ingredient sourcing and wholesale operations.
- Contingency planning for IT-related disruptions that may affect inventory or fulfillment timelines.
- Proactive communication from suppliers during crisis situations to support transparency and decision-making.
Future-proofing supply chains in a tech-driven world
Cybersecurity is no longer just a tech issue—it’s a business continuity priority. Incidents like this one underscore the need for robust digital safeguards, diversified vendor networks, and agile sourcing strategies.
For wholesale buyers, importers, manufacturers, and foodservice operators, the key takeaway is clear: even upstream IT events can ripple downstream, affecting product availability and delivery timelines. Having flexible procurement options and backup partners can be critical to maintaining operations.
At Source86, we work with partners to build sourcing strategies that withstand uncertainty—technical or otherwise. If you’re evaluating ways to increase resilience in your ingredient supply chain, let’s connect.
