Retail Cyber Breaches Lead to Blocked Orders and Product Shortages

Recent cyberattacks and data breaches targeting major retailers are beginning to directly impact shoppers worldwide.

United Natural Foods, a key supplier to Whole Foods and other grocers, recently disclosed a system breach that disrupted order fulfillment, leaving numerous stores without essential products.

Meanwhile, in the UK, Marks & Spencer’s website was inaccessible for over six weeks, and customers faced limited in-store selections after hackers compromised the retailer’s systems.

Similarly, a cyberattack on the Co-op grocery chain led to empty shelves in some locations.

There's seems to be little public knowledge or concern about the cyberattack on our food infrastructure that is causing huge shortages in grocery stores.

The cashier at my local co-op said it started on Thursday. Their supplier, UNFI wasn't able to accept or place any orders.… pic.twitter.com/uOKwiRTvZr

— KylieRose (@KylieRoseMM) June 11, 2025

While cyber threats have escalated across industries, breaches in consumer-facing businesses carry heightened risks.

Beyond halting product sales, these attacks jeopardise customer data, increasing vulnerability to future phishing schemes and fraud.

Despite continuous efforts to strengthen cybersecurity defenses, experts warn that attacks are on the rise.

Cliff Steinhauer, director of information security at the National Cybersecurity Alliance, noted a significant increase in retail victims over the past year.

He said:

“Cyber criminals are moving a little quicker than we are in terms of securing our systems.”

Ransomware—where hackers demand payment to restore compromised systems—constitutes a growing portion of these crimes.

According to data from the NCC Group, industrial sectors were the primary targets in April, followed closely by consumer discretionary companies.

Attackers deliberately target well-known brands to maximise disruption and leverage daily consumer reliance on these products.

🚨 ATTENTION SHOPPERS! 🚨 A massive cyberattack on United Natural Foods Inc., the primary distributor for Whole Foods, is leaving grocery store shelves EMPTY across the US! Hackers struck last week, forcing UNFI to take systems offline, disrupting deliveries of fresh produce,… pic.twitter.com/89W4Ma1agn

— @XTexasGirlX (@XtexasgirlX) June 11, 2025

Steinhauer stated:

“Creating that chaos and that panic with consumers puts pressure on the retailer.”

Ade Clewlow, associate director at NCC Group, highlights the severe consequences on food supply chains.

Following cyberattacks on M&S and Co-op, supermarkets in remote UK areas, already struggling with inventory shortages, experienced further product scarcity, underscoring the widespread ripple effects of these digital breaches.

Clewlow noted:

“People were literally going without the basics.”

Personal Data Under Increasing Threat

Cyber breaches not only disrupt business operations but also put customer data at serious risk.

Depending on the extent of the attack, stolen information can range from basic details like names and email addresses to highly sensitive data such as credit card numbers.

Experts urge consumers to remain vigilant in the face of these threats.

Clewlow expressed:

“If (consumers have) given their personal information to these retailers, then they just have to be on their guard. Not just immediately, but really going forward.”

Fraudsters often exploit breaches by sending phishing emails that mimic legitimate retailers, urging account holders to reset passwords or enticing them with fake promotions to click malicious links.

The safest approach is to pause before interacting with any suspicious message and independently verify its authenticity by visiting the company’s official website or contacting customer service directly.

Additionally, experts caution against reusing passwords across multiple sites.

A breach on one platform can lead to “credential stuffing,” where hackers use stolen login details to access other accounts.

Steinhauer emphasizes that enabling multifactor authentication wherever possible adds a critical layer of protection against unauthorized access.

Recent Cybersecurity Incidents Reported by Major Companies

Several consumer-facing companies have recently reported cybersecurity incidents, some severe enough to disrupt operations.

On 5 June, United Natural Foods—a major distributor for Whole Foods and other North American grocers—took parts of its systems offline after detecting unauthorised activity.

The company disclosed in a securities filing that the breach impacted its ability to fulfill and distribute customer orders.

Although United Natural Foods reported steady progress in restoring services, some product shortages persisted this week.

Whole Foods, owned by Amazon and partnered with United Natural Foods through May 2032, confirmed efforts to replenish store shelves promptly.

Similarly, Victoria’s Secret experienced a security breach last month that forced the temporary shutdown of its US online store for nearly four days and interrupted certain in-store services.

The lingerie retailer later revealed that its corporate systems were also affected, resulting in a delayed first-quarter earnings report.

In the UK, prominent retailers including Marks & Spencer (M&S), Harrods, and Co-op have all felt the impact of recent cyberattacks.

M&S’s incident, first reported around Easter, halted online order processing and caused some store shelves to empty.

The company estimated a £300 million cost from the attack but has since announced partial restoration of online operations, with more services expected to resume in the coming weeks.

That cyber attack shut down M&S online orders for a month and a half. And it’s just coming back online now.

That’s a huge amount of downtime.

It really is.

You’d think they would have been able to reset something sooner.

It does show how vulnerable some of the infrastructure… pic.twitter.com/QVMKV4OOAm

— TheMekon_Venus (@TheMekon_Venus) June 10, 2025

Other breaches have targeted customer data.

Brands such as Adidas, The North Face, and reportedly Cartier disclosed recent compromises of contact information.

The North Face attributed the breach to a “small-scale credential stuffing attack” affecting 1,500 customers but confirmed no credit card data was accessed.

Adidas reported unauthorised access to data, primarily contact details, via a third-party customer service provider.

Whether these breaches are related remains unclear.

Experts like Steinhauer highlight that hackers often exploit vulnerabilities in widely used software to target multiple organisations, though varying tactics suggest the involvement of different threat actors.

Corporate disclosures vary in detail and timing, with many companies not immediately clarifying whether ransomware was involved.

Nevertheless, Steinhauer observes that ransomware remains a “highly likely” factor in today’s cybersecurity landscape, often indicated by companies taking systems offline or delaying financial reports.

Overall, experts stress the critical importance of strengthening “cyber hygiene” — proactive security measures and preparedness — across organizations to mitigate such threats and minimise operational disruptions.

Clewlow concluded:

“Cyber is a business risk, and it needs to be treated that way.”