UK Food Logistics Firm Hit by Ransomware, Disrupting Major Supermarket Supply Chains
A ransomware attack on Peter Green Chilled, a key logistics provider for major UK supermarkets, has disrupted order processing for retailers including Tesco, Sainsbury’s, Asda, Waitrose, Co-op, Morrisons, M&S, and Aldi. The incident, which occurred last Wednesday, forced the Somerset-based company to suspend order handling on Thursday, though transport operations remained unaffected.
Managing Director Tom Binks confirmed the attack in an email, stating that the firm was implementing workarounds to maintain deliveries while providing regular updates to clients. While existing schedules have largely held, concerns persist among suppliers of perishable goods over potential waste due to delays.
This attack follows a recent surge in ransomware incidents targeting the UK retail sector, with Marks & Spencer, Co-op, and Harrods all experiencing disruptions in recent weeks. Phil Pluck, CEO of the Cold Chain Federation, noted a sharp rise in such attacks on food distribution networks, often unreported due to reputational risks. The cold chain sector’s tight timelines and high-volume perishable goods make it a lucrative target for cybercriminals.
Security experts warn that supply chain vulnerabilities amplify the impact of such breaches. Richard Orange of Abnormal AI highlighted the risk of follow-on attacks, including vendor email compromise, where attackers impersonate suppliers to steal credentials or redirect payments. Meanwhile, Andy Norton of Armis reported that 41% of retailers have faced increased cyber threats in the past six months, with no signs of slowing.
Peter Green Chilled has not yet provided further comment on the incident. A previous reference to Lidl as a client was retracted after the supermarket confirmed it no longer uses the firm’s services.
Source: https://www.computing.co.uk/news/2025/security/supplier-to-tesco-aldi-and-lidl-hit-with-ransomware
Tesco TPRM report: https://www.rankiteo.com/company/-tesco
Sainsbury’s TPRM report: https://www.rankiteo.com/company/sainsburys
Waitrose TPRM report: https://www.rankiteo.com/company/waitroseandpartners
Asda TPRM report: https://www.rankiteo.com/company/toyou
Peter Green Chilled TPRM report: https://www.rankiteo.com/company/peter-green-chilled
Morrisons TPRM report: https://www.rankiteo.com/company/morrisons-daily
Marks & Spencer TPRM report: https://www.rankiteo.com/company/marks-and-spencer
Co-op TPRM report: https://www.rankiteo.com/company/the-co-op-group
Aldi TPRM report: https://www.rankiteo.com/company/caldic
"id": "marcalwaisaitoythemorpet-te1772023906",
"linkid": "marks-and-spencer, caldic, waitroseandpartners, sainsburys, toyou, the-co-op-group, morrisons-daily, peter-green-chilled, -tesco",
"type": "Cyber Attack",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Tesco, Sainsbury’s, Asda, '
'Waitrose, Co-op, Morrisons, '
'M&S, Aldi',
'industry': 'food logistics / cold chain',
'location': 'Somerset, UK',
'name': 'Peter Green Chilled',
'type': 'logistics provider'}],
'date_detected': 'last Wednesday',
'description': 'A ransomware attack on Peter Green Chilled, a key logistics '
'provider for major UK supermarkets, has disrupted order '
'processing for retailers including Tesco, Sainsbury’s, Asda, '
'Waitrose, Co-op, Morrisons, M&S, and Aldi. The incident '
'forced the company to suspend order handling while '
'maintaining transport operations. The attack follows a recent '
'surge in ransomware incidents targeting the UK retail sector.',
'impact': {'brand_reputation_impact': 'potential reputational risk due to '
'unreported incidents in the sector',
'downtime': 'order handling suspended on Thursday',
'operational_impact': 'disrupted order processing for major UK '
'supermarkets',
'systems_affected': 'order processing systems'},
'investigation_status': 'ongoing',
'lessons_learned': 'Supply chain vulnerabilities amplify the impact of cyber '
'breaches; follow-on attacks (e.g., vendor email '
'compromise) are a risk; perishable goods sectors are '
'lucrative targets due to tight timelines.',
'motivation': 'financial gain',
'recommendations': 'Enhance cybersecurity measures for supply chain partners; '
'implement network segmentation; adopt adaptive behavioral '
'WAF; use on-demand scrubbing services; monitor for '
'follow-on attacks like vendor email compromise.',
'references': [{'source': 'Article describing the incident'}],
'response': {'communication_strategy': 'regular updates provided to clients',
'containment_measures': 'order processing suspended',
'incident_response_plan_activated': 'workarounds implemented to '
'maintain deliveries'},
'stakeholder_advisories': 'Regular updates provided to clients (supermarkets)',
'title': 'UK Food Logistics Firm Hit by Ransomware, Disrupting Major '
'Supermarket Supply Chains',
'type': 'ransomware'}