UK-based logistics provider Peter Green Chilled, a key supplier for leading supermarkets including Tesco, Aldi, and Sainsbury’s, has been hit by a ransomware attack, disrupting operations and encrypting critical company systems. The attack, confirmed in an internal company email obtained by the BBC, follows a string of cyber incidents targeting UK retail infrastructure, including a recent high-profile breach at Marks & Spencer (M&S).
The attackers encrypted company data and severely impacted operations starting Wednesday, triggering delays that could ripple across the national retail supply chain. Ransomware attacks typically involve threat actors gaining access to enterprise systems, encrypting files, and demanding payment in exchange for decryption keys. For logistics companies like Peter Green Chilled, the operational downtime can have immediate real-world effects on stock delivery and shelf availability.
“Attacks like these can cripple companies to a point where they might be temporarily unable to provide services to household name brands,”
— Aras Nazarovas, Cybernews Information Security Researcher
The impact of this ransomware breach is not limited to one company. Experts warn that continued targeting of logistics and retail supply chains could lead to temporary product shortages and significant financial losses for supermarket chains.
Chris Dimitriadis, Chief Global Strategy Officer at ISACA, noted that attackers are now shifting focus beyond major corporations and critical infrastructure to target supply chain nodes that can produce broad systemic effects.
“Cybercriminals aren’t just targeting big names or critical infrastructure; they’re hitting the supply chain, where the knock-on effects can be just as serious,”
— Chris Dimitriadis, ISACA
This incident adds to a growing list of ransomware attacks in the UK retail sector. M&S, Harrods, and Co-op have all reported breaches in recent weeks. The M&S cyberattack alone is believed to have cost over £60 million ($80 million) in lost profits and wiped more than £1 billion from its stock market valuation. The breach reportedly stemmed from compromised credentials linked to third-party partner Tata Consultancy Services (TCS).
The Scattered Spider hacker group is suspected to be behind the M&S breach, known for social engineering and phishing attacks that impersonate IT staff to gain access. Scattered Spider previously targeted MGM Resorts and Caesars Entertainment in 2023 using similar techniques. Law enforcement has since begun making arrests and issuing indictments against suspected members, including UK national Tyler Robert Buchanan, arrested in Spain, and four other affiliates indicted by the US Department of Justice.
While attribution in the Peter Green Chilled ransomware attack remains unclear, cybersecurity experts highlight an escalating trend of ransomware-as-a-service (RaaS) operations aimed at logistics firms to maximize disruption and extort high-value targets.
“Disrupted deliveries, wasted stock, and financial losses all have real-world consequences,”
— Chris Dimitriadis, ISACA
As the investigation unfolds, affected partners and retailers are expected to review their third-party risk exposure and bolster defenses across their supply chain ecosystems.
Peter Green Chilled has not yet issued a public statement. Further updates will follow as new details emerge.
