IT Brief UK - Technology news for CIOs & IT decision-makers
United Kingdom
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
Story image
#
Ransomware
#
Supply Chain
#
Breach Prevention

Retail cyber attacks surge as United Natural Foods hit by breach

Wed, 11th Jun 2025
Author image
By Sean Mitchell, Publisher

United Natural Foods, one of North America's largest wholesale distributors, has become the latest victim in a spate of cyber attacks targeting high-profile retailers and distributors around the world. The cyber incident forced the company to take essential IT systems offline, resulting in disruptions to operations and services, and prompting widespread concern across the retail and supply chain sectors.

The attack on United Natural Foods follows a string of high-profile breaches impacting well-known retailers, including Marks & Spencer, Harrods, and North Face, as well as other distributors such as Peter Green Chilled. The incident highlights the increasing vulnerabilities faced by businesses entrusted with vast amounts of sensitive customer and operational data.

Expert analysis suggests that ransomware and other forms of cyber extortion are becoming more sophisticated and devastating. Warren O'Driscoll, Head of Security Practice at NTT DATA UK&I and a seasoned Royal Signals reservist, emphasised the growing boldness of threat actors. "With the United Natural Foods attack, ransomware threat actors clearly taste blood in the water. In this spree of outages, every payout has made them stronger, bolder, and harder to stop," said O'Driscoll. He suggested that in some cases, state-backed attackers may be seeking a dual reward: undermining a nation's economic output while also extracting hidden ransoms from desperate companies.

O'Driscoll underscored the unique vulnerabilities faced by retail businesses. "Their mountains of sensitive customer data, including personal details and payment information, make them prime targets. Meanwhile, they operate on cash flow, so any disruption to trade will have significant consequences in their long-term operations," he explained. These operational pressures can force companies to make rapid decisions during a crisis, sometimes by taking entire system environments offline as a precautionary measure, with significant repercussions for both revenue and reputation.

United Natural Foods confirmed that operations were disrupted and that the downtime had affected its share price, which fell by 9.3% following the disclosure of the attack. Adam Blake, CEO and Founder at ThreatSpike, commented on the wider impact of these breaches: "A 9.3% drop in share price from a single cyberattack is a dreary outlook, and points to the enormous ripple effects on supply chains. It also reminds us that too many enterprises don't have the basics covered for their defences, forcing them to hit the knee-jerk panic button of taking entire systems offline."

Blake criticised the fragmented nature of the current cybersecurity landscape, arguing that disconnected security tools often create blind spots and weaknesses. "The cybersecurity industry has to do better to simplify solutions and offerings, not just for enterprises' own sanity, but to safeguard their reputation and keep operations running," he said. According to Blake, the real target for attackers is now the ability to disrupt operations, causing lasting reputational harm, rather than the theft of basic customer data.

As digital threats evolve, many experts are calling for a fundamental shift in how retailers and distributors approach cybersecurity. Michael Freeman, Head of Threat Intelligence at Armis, described the United Natural Foods hack as "another stark reminder that the retail industry remains a highly sought-after target by hackers, and there appears to be no end in sight." He noted that proactive security was now a top priority for nearly 80% of retail IT decision-makers surveyed, but stressed the need for a mindset shift and comprehensive protection against all plausible attack vectors.

The regulatory landscape also plays a key role in shaping cyber resilience. O'Driscoll pointed out that all UK retailers accepting card payments must now comply with the PCI Data Security Standard (DSS), yet in 2023 only 14.3% had achieved full compliance. "Anybody who shops with a card, provides a delivery address, or shares their email for an e-receipt should care about whether retailers take these measures seriously," he warned. Unlike the financial or critical infrastructure sectors, retail often operates with a lower level of regulatory scrutiny, potentially leaving a wider field of 'softer targets' for attackers.

With cyber incidents growing in frequency and severity, industry analysts maintain that improvements in coordination, simplicity, and basic security hygiene will be essential to protecting retailers, distributors, supply chains, and consumers from the financial and operational fallout of future attacks.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
UK firms face rising cyber threats despite record investment
Red Canary deploys AI agents to slash security investigation times
ReliaQuest details Black Basta’s legacy & rise of Teams phishing
Thales launches real-time file activity monitoring with AI help
Salesforce industry cloud flaws put sensitive data at global risk
Top stories
Upwind names Rinki Sethi Chief Security Officer amid growth
Fake booking sites push malware as HP warns of click fatigue
Oracle & NVIDIA expand OCI partnership with 160 AI tools
NVIDIA to power European AI push with 3,000 exaflops initiative
UK firms report more breaches amid remote work, policy gaps