• Home
  • cyber
  • Marks & Spencer: Amazon food supplier likely hit by ransomware
cyber Ransomware

Marks & Spencer: Amazon food supplier likely hit by ransomware

Dec 21, 2025 2 min read
Marks & Spencer: Amazon food supplier likely hit by ransomware

UNFI Hit by Ransomware Attack, Threatening North American Food Supply Chains

United Natural Foods (UNFI), a major supplier for Amazon-owned Whole Foods Market, suffered a ransomware attack on June 5, 2023, disrupting its core systems and raising concerns over potential supply shortages. The company confirmed unauthorized access to critical administrative applications, which may delay deliveries of fresh produce and packaged goods to over 30,000 locations across North America, including Whole Foods stores.

UNFI’s IT team is conducting a full-scale investigation, though the company has yet to file a detailed report with the U.S. Securities and Exchange Commission (SEC). While efforts are underway to restore operations, the attack could have lasting effects on food distribution networks.

This incident follows a surge in cyberattacks targeting retail and supply chain companies. In April and May 2023, UK-based retailer Marks & Spencer (M&S) fell victim to DragonForce ransomware, resulting in significant financial losses and operational disruptions. Other high-profile breaches, including attacks on Harrods and Co-op, have highlighted the growing vulnerability of large-scale supply chains.

Cybercriminals are increasingly focusing on these sectors, leveraging ransomware to exploit the risk of widespread disruptions. In the M&S case, ransom notes were sent directly to the CEO, who had recently received a substantial pay increase. While some companies confirm such demands, others remain silent on whether they’ve received similar threats.

Ransomware attacks now often employ double or triple extortion tactics, where attackers not only encrypt data but also threaten to leak it unless additional payments are made. Experts note that paying ransoms offers no guarantee of data recovery, emphasizing the importance of secure backups and law enforcement reporting.

As UNFI’s investigation continues, the incident underscores the escalating threat to global supply chains and the need for heightened cybersecurity defenses.

Source: https://www.cybersecurity-insiders.com/amazon-food-supplier-likely-hit-by-ransomware/

Marks and Spencer cybersecurity rating report: https://www.rankiteo.com/company/marks-and-spencer

"id": "MAR1766346928",
"linkid": "marks-and-spencer",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': '30,000+ locations, including '
                                              'Whole Foods',
                        'industry': 'Food Supply Chain/Retail',
                        'location': 'North America',
                        'name': 'United Natural Foods (UNF)',
                        'type': 'Corporation'}],
 'data_breach': {'data_encryption': 'Yes (ransomware-related)'},
 'date_detected': '2023-06-05',
 'date_publicly_disclosed': '2023-06-05',
 'description': 'United Natural Foods (UNF), a key supplier to Amazon-owned '
                'Whole Foods Market, was targeted by a cyber attack on June '
                '5th, 2023. The breach involved unauthorized access to its '
                'core systems, potentially causing supply shortages in certain '
                'markets due to operational disruptions. The attack appears to '
                'be ransomware-related, impacting critical admin applications '
                'and affecting food supply chains across North America.',
 'impact': {'operational_impact': 'Supply chain disruptions, potential '
                                  'shortages in certain markets',
            'systems_affected': 'Critical admin applications'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain (ransom payment)',
 'ransomware': {'data_encryption': 'Yes'},
 'recommendations': 'Recover from backups if possible, report incidents to law '
                    'enforcement, enhance cybersecurity measures to protect '
                    'supply chains',
 'references': [{'source': 'Official UNF statement'}],
 'regulatory_compliance': {'regulatory_notifications': 'Pending submission to '
                                                       'U.S. Securities and '
                                                       'Exchange Commission '
                                                       '(SEC)'},
 'response': {'communication_strategy': 'Providing timely updates as the '
                                        'situation develops',
              'incident_response_plan_activated': 'Yes',
              'recovery_measures': 'Working to restore systems and mitigate '
                                   'long-term effects',
              'remediation_measures': 'Actively investigating and restoring '
                                      'systems'},
 'title': 'Cyber Attack on United Natural Foods (UNF)',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.