Cyber criminals strike food industry again

The food and beverage industry is under attack.

Criminals looking to extort intellectual property, personal information, and money from suppliers, retailers and manufacturers have mounted a global attack on the industry, and so far, they’re winning.

Last month Marks & Spencer and Co-op were hit within days of each other, resulting in empty shelves in stores, online payments stopped, employee and customers details stolen, and ransom demands made.

The hackers were able to gain access to the retailers’ computer systems by impersonating employees and requesting password resets from the companies’ IT help desks.

Now another major industry stakeholder has fallen victim, but this time it’s a distributer.

Cyber criminals target latest victim

United Natural Foods Inc. (UNFI), the primary distributor for Whole Foods in the US, has been forced to take operations offline after hackers accessed their systems.

“We have identified unauthorised activity in our systems and have proactively taken some systems offline while we investigate,” said a spokesperson for the company in a statement. “As soon as we discovered the activity, an investigation was initiated with the help of leading forensics experts and we have notified law enforcement. We are assessing the unauthorised activity and working to restore our systems to safely bring them back online.”

The Amazon-owned company, which makes private label products for supermarkets including Whole Foods, as well as making its own branded products, has not commented on the nature of the attack or whether data was stolen.

However, shoppers on social media are already reporting empty shelves in Whole Foods shops, with signs stating the store is “experiencing a temporary out of stock issue for some products.”

No ransomware operations have yet claimed responsibility for the breach.