Wyatte Grantham-Philips, Associated Press
NEW YORK (AP) – Recent cyberattacks and data breaches strings involving systems from major retailers have begun to affect shoppers.
United Natural Foods, a wholesaler supplying Whole Foods and other grocery stores, said this week that violations of its system disrupt its ability to meet orders.
In the UK, consumers were unable to order from the Marks & Spencer website for more than six weeks. There are fewer options in the store after hackers targeted British clothing, homes and food retailers. A cyberattack by British grocery chain Co-op has also led to empty shelves in some stores.
Cyberattacks are on the rise across the industry. But when the target is a consumer-oriented business, the intrusion of corporate technology has its own implications.
Beyond the possibility of cease sales of physical goods, violations can expose customer personal data to future phishing or fraudulent attempts.
This is what you need to know.
Cyberattacks are on the rise overall
Despite organizations’ continued efforts to boost cybersecurity defenses, experts note that cyberattacks continue to rise across the board.
Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance, a US nonprofit, also saw the “surge in retail victims” of such attacks.
“Cybercriminals are moving a little faster in terms of ensuring that they have a system,” he said.
Ransomware attacks in which hackers require large payments to restore hacked systems explain an increase in the share of cybercrime, experts say. And of course, the retail industry isn’t the only sector affected. Tracking by global cybersecurity and software escrow company NCC Group showed that industrial businesses were often targeting ransomware attacks in April, with companies in the “consumer discretion” sector continuing.
Attackers know that it has a particularly impact when chasing famous brands and products shoppers buy or need every day, experts point out.
“Creating that confusion and panic with consumers puts pressure on retailers,” Steinhauer said, especially when there is a ransom demand.
Ade Clewlow, Associate Director and Senior Advisor for NCC Group, points to disruptions in the food supply chain in particular. Product shortages have been seen following cyberattacks targeting M&S and cooperatives, such as remote supermarkets in the UK where stocks are already tense.
“People went literally without basics,” Klewlow said.
Personal data is also at risk
It affects business operations and cyber violations can damage customer data. Information ranges from names and email addresses to more sensitive data, such as credit card numbers, depending on the scope of the violation. Therefore, experts say consumers need to remain vigilant.
“If (consumers) provide personal information to these retailers, they have to just become security guards. They need to go straight away, they need to really move forward,” Clewlow said.
Scammers may send visual emails asking retailer account holders to change their passwords or change promising fake promotions to get customers to click on a rough link. The rule of thumb is to pause before opening anything and visit the company’s certified website or call the official customer service hotline to check your email, experts say.
It is also best not to reuse the same password on multiple websites. This is because if one platform is compromised, its login information can be used to enter other accounts through a tactic known as “qualification stuffing.” Steinhauer adds that freezing credits when available using multifactor authentication can also help with additional defence lines.
Which companies have reported recent cybersecurity incidents?
Various consumer companies have reported recent cybersecurity incidents. This includes violations in which some companies have shut down their businesses.
United Natural Foods, a leading distributor of Whole Foods and other grocery stores in North America, adopted some of its systems offline after discovering “fraud activity” on June 5th.
In its securities application, the company said the incident had an impact on its “ability to meet and distribute customer orders.” United Natural Foods said in an update Wednesday that it is “working steadily” to gradually recover its services.
Still, that meant a learing supply of certain items this week. A Whole Foods spokesman told The Associated Press via email that he was working to restock the shelves as soon as possible. The Amazon-owned grocery store and United Natural Foods partnership is currently running until May 2032.
Meanwhile, a security breaches detected by Victoria’s Secret last month have led popular lingerie sellers to close US shopping sites for nearly four days and stop in-store services. Victoria’s Secret later revealed that its corporate system was also affected, and the company began to delay the release of its first quarter revenue.
Several UK retailers, including M&S, Harrods and cooperatives, have pointed out all the impacts of recent cyberattacks. The attack, which was first reported on the Easter weekend, stopped processing online orders and also emptyed shelves at several stores.
The company estimated last month that it would cost £300 million ($400 million) from the attack. However, progress towards recovery was shared Tuesday, with M&S announced that some of its online ordering operations have returned.
Other violations exposed Adidas, the North Face, reportedly revealing customer data that some contact information reportedly revealed recently breached.
In a statement, the North Face said it had discovered a “small qualification stuffing attack” on its website in April. The company reported that credit card data is intact and said the incident that affected 1,500 consumers was “quickly locked up.”
Meanwhile, Adidas revealed last month that “fraudulent external parties” had obtained data through third-party customer service providers, mostly contact information.
It is unknown if the incident is connected. Experts like Steinhauer should note that hackers may target software used by many different companies and organizations. However, the scope of tactics used may indicate the involvement of different groups.
Businesses also have a variety of languages regarding cyberattacks and security breaches. It also depends on when you know it. However, many people do not immediately or publicly specify whether ransomware is involved or not.
Still, Steinhauer says the chances of ransomware attacks are “very high” in today’s cybersecurity situation. Key metrics may include companies that take the system offline and delays in financial reporting.
Overall, experts say it is important to build “cyber hygiene” defense and preparation across the organization.
“Cyber is a business risk and it needs to be treated that way,” Klewlow said.
Original issue: June 11, 2025, 4:09pm EDT
