In June 2025, United Natural Foods, Inc. (UNFI)—the primary distributor for Whole Foods and tens of thousands of retailers across North America—suffered a major cyberattack that halted deliveries, emptied shelves, and forced core operations offline.
The financial damage? Between $350 and $400 million in net sales lost, and up to $60 million in reduced income for fiscal year 2025.
In this episode, we break down:
- What happened during the UNFI cyberattack
- How ordering, shipping, and receiving systems were taken down
- Why this wasn’t just a business disruption—but a critical infrastructure failure
- The pattern of attacks across the food sector, from JBS to Dole to Sam’s Club
- The national security implications of digitally compromised supply chains
- Where cyber insurance, contingency planning, and regulation fall short
We also compare this incident with the 2020 SolarWinds breach, showing how both attacks exploited software vulnerabilities and disrupted essential services on a massive scale.
UNFI’s recovery may be underway, but the larger question remains:
Is the U.S. food supply chain prepared for the next attack?
