Latest news with #cyberattack
Wall Street Journal
5 hours ago
- Business
- Wall Street Journal
Iranian Crypto Exchange Hacked, More Than $90 Million Taken
Iran's largest cryptocurrency exchange was drained of more than $90 million on Wednesday, with a pro-Israel hacking group claiming responsibility, according to a blockchain analysis firm. The cyberattack on the exchange, Nobitex, appeared motivated by the ongoing hostilities between Israel and Iran, blockchain analysis firm Elliptic said in a blog post. Elliptic said the hack had been carried out by Gonjeshke Darande, or 'Predatory Sparrow,' which claimed responsibility for an attack on Iran's Bank Sepah earlier this week. A post on an X account associated with Gonjeshke Darande overnight said the exchange's source code would be released in 24 hours and that assets in the exchange would be vulnerable. Elliptic founder Tom Robinson said the claim was credible.
Forbes
10 hours ago
- Business
- Forbes
Cyberattack On Whole Foods Supplier Disrupts Supply Chain Again
SAN RAFAEL, CALIFORNIA - JUNE 11: A shelf is seen bare in the frozen foods section of a Whole Foods ... More store on June 11, 2025 in San Rafael, California. United Natural Foods, the primary food distributor to Whole Foods, has paused deliveries to Whole Foods stores after a cyberattack crippled its system. Some Whole Foods stores are experiencing empty shelves and freezers. (Photo by) On June 5, 2025, a cyberattack forced United Natural Foods Inc., the primary distributor for Whole Foods Market, to shut down its systems and halt deliveries to more than 30,000 grocery stores across North America. Nearly two weeks later, the company is still operating on a limited basis, relying on workarounds and manual processes. This was not a minor glitch but a direct hit to the digital backbone of the food supply chain. Grocery stores were deemed essential infrastructure during the COVID-19 pandemic, with workers hailed as frontline heroes. Now, in 2025, the breach at UNFI raises a chilling question: what a biological virus could not shut down, could a cyberattack succeed in crippling? If malicious actors can freeze the software that moves food, they can empty shelves, disrupt lives and trigger cascading economic impacts. 'Food security is national security,' one lawmaker warned earlier this year. Congress appears to agree and has introduced the bipartisan Farm and Food Cybersecurity Act of 2025. What happened, and what could have been done to stop it? Whole Foods Market locations across the U.S. experienced product shortages after a cyberattack on ... More its primary distributor, United Natural Foods Inc., disrupted supply chains in June 2025. UNFI, based in Providence, Rhode Island, is North America's largest publicly traded wholesale grocery distributor. The company operates more than 50 distribution centers and supplies approximately 30,000 locations, including supermarkets, independent grocers and food service providers. On June 5, the company detected unauthorized activity on its systems and immediately activated its incident response plan. As a precaution, it took portions of its network offline, which disrupted order processing, fulfillment and shipment capabilities. Law enforcement and external cybersecurity experts were called in to assist with the investigation. The outage was swift and severe. Automated systems for ordering and inventory went dark, forcing cancellations of employee shifts and a return to manual processes. Business operations were impacted across the board, resulting in significant delivery delays. UNFI did not publicly disclose the breach until June 9, when it filed an 8-K with the Securities and Exchange Commission. The company warned that disruptions would continue and outlined its reliance on manual workarounds to maintain critical grocery shipments while digital systems remained down. The downstream impact on retailers was immediate. Whole Foods Market, which depends heavily on UNFI, saw noticeable shortages in key categories. Refrigerated and perishable sections in many stores went empty. Store employees posted apology signs for out-of-stock items and explained delays. Customers posted photos of empty shelves across multiple locations. Independent grocers and regional chains also reported missed or delayed shipments. Many scrambled to find backup suppliers. Some succeeded, but others simply ran out of stock, leaving consumers with fewer options. Even the United States military's Defense Commissary Agency was affected. Fifty-three commissary stores reported delays. While some mitigated the issue with manual ordering, many still faced inventory shortfalls. A single breach had turned into a national supply chain shock. With just-in-time inventory models and limited buffers, grocers were vulnerable to even short-term digital outages. The result was fewer choices for shoppers and deeper concerns for the industry. As of mid-June, UNFI has not confirmed the source or type of cyberattack. The company has avoided calling it ransomware, and no group has claimed responsibility. Still, experts widely agree that the attack shares several characteristics typical of ransomware events, including a full system shutdown, containment procedures and prolonged disruption. While unproven, the consensus is that ransomware is the most likely explanation, especially given the sharp rise in attacks against the food and retail sectors. In similar cases, attackers have encrypted systems and demanded payment in exchange for restored access. On a June 10 earnings call, UNFI Chief Executive Officer Sandy Douglas said only that the company was managing through the incident and focused on safe restoration. The company has shared few details. It remains unclear whether any data was stolen or whether negotiations are ongoing. The lack of attribution could indicate behind-the-scenes engagement with law enforcement, which is common in complex ransomware cases. Until the investigation is complete, the grocery sector remains on high alert. The breach underscores just how vulnerable essential supply chains have become. The attack on UNFI is part of a broader trend of attacks on the food supply chain. Recent high-profile incidents include: Cybercriminals have proven they can cause real-world consequences across the food sector. 'The cyberattack on United Natural Foods is not an isolated incident but part of a growing trend,' said Jeff Wichman, incident response director at Semperis. The risk is no longer hypothetical. The attack has sparked urgent conversations throughout the grocery industry. Key priorities include: Cybersecurity is no longer optional. Food supply chains are essential and increasingly targeted. Resilience must be a top priority across every tier of the industry. By mid-June, UNFI had resumed shipments from most distribution centers and made progress restoring systems. Still, many operations rely on manual processes, and product shortages persist in some regions. The impact is ongoing and visible. This breach should serve as a turning point. Whole Foods and other retailers must invest in both digital defenses and supply chain resilience. Distributors must act with urgency. In the business of feeding families, downtime is unacceptable. The next attack could hit harder and spread faster. The time to prepare is now.
Daily Mail
10 hours ago
- Business
- Daily Mail
Morrisons has 'bounced back' from cyber attack, says boss
The chief executive of supermarket chain Morrisons has hailed the group's recovery from a cyber-attack. Rami Baitiéh said the grocery firm had 'bounced back strongly' since its technology provider, Blue Yonder, suffered a ransomware incident last November. Morrisons constructed a new warehouse management system to maintain its stock levels after the hack badly disrupted its operations. Its like-for-like revenue growth subsequently slowed to just 2.1 per cent in the quarter ending 26 January, compared to 4.9 per cent over the prior three months. However, the Bradford-based retailer reported that its comparable turnover increased by 3.9 per cent in the 13 weeks ending 27 April, while total sales expanded by 4.2 per cent to £3.9billion. Morrisons also revealed that its first-half underlying earnings before nasties climbed by 7.2 per cent to £344million. The group, which is owned by US private equity firm Clayton, Dubilier & Rice, opened 42 franchise sites during the period, taking the overall number of Morrisons Daily convenience outlets to above 1,700. Alongside this, it began trials of several in-store schemes, introducing a new World Foods offer and a revamped fresh food counter concept, Market Street, that more closely resembles a farm shop. Baitiéh said: 'Against the backdrop of a challenging macro environment, with inflation driving subdued consumer sentiment, value remains at the forefront of customers' minds. 'Throughout the first half, we've worked hard on helping customers through these challenges with a rigorous focus on price, promotions and meaningful rewards for loyalty.' Morrisons further announced that it had raised its cost savings target to £1billion after surpassing its initial £700million goal during the last quarter. The company unveiled the original cost-cutting target two years ago to help finance price reductions for consumers struggling with inflationary pressures, caused mainly by soaring energy bills and supply chain disruptions. As part of these plans, Morrisons declared its intention in March to shut over 50 cafes, four pharmacies, multiple convenience stores and florists, and dozens of counters serving meat, fish, or hot food. About 365 jobs are at risk of permanent redundancy due to the closures, with the majority of those affected working in the convenience stores. Morrisons exited the convenience market in 2015 after selling its M local sites, but returned to the sector just months later with the launch of its Morrisons Daily brand. It currently holds an 8.4 per cent share of the UK grocery market, according to recent data from market research organisation Kantar.
Zawya
12 hours ago
- Business
- Zawya
India's TCS says none of its systems were compromised in M&S hack
Tata Consultancy Services said none of its "systems or users were compromised" as part of the cyberattack that led to the theft of customer data at retailer Marks and Spencer, its client of more than a decade. "As no TCS systems or users were compromised, none of our other customers are impacted" independent director Keki Mistry told its annual shareholder meeting. "The purview of the investigation (of customer) does not include TCS," Mistry added. This is the first time India's No 1 IT services company has publicly commented on the cyber hack. M&S did not immediately respond to a request for comment. TCS is one of the technology services providers for the British retailer. In early 2023, TCS reportedly won a $1 billion contract for modernising M&S' legacy technology with respect to its supply chain and omni-channel sales while increasing its online sales. The "highly sophisticated and targeted" cyberattack which M&S disclosed in April will cost about 300 million pounds ($403 million) in lost operating profit, and disruption to online services is likely until July. Last month, Financial Times reported that TCS is internally investigating whether it was the gateway for a cyberattack. Mistry presided as the chairman at the company's annual shareholder meeting as Tata Group Chairman N Chandrasekaran skipped it due to "exigencies". The chairman's absence comes as the Group's airline Air India plane with 242 people on board crashed after take-off in Ahmedabad last week, killing all passengers except one. (Reporting by Sai Ishwarbharath B and Haripriya Suresh, Editing by Louise Heavens)
BBC News
12 hours ago
- Politics
- BBC News
Cyber attackers steal personal data from Oxford City Council
Cyber attackers have stolen personal details of election workers from a council database, the authority has gained access to "historical data on legacy systems" on the weekend of 7 and 8 June, Oxford City Council authority said it had taken action to prevent any further incursion and had contacted people who were potentially said: "This unlawful breach of council systems is deeply regrettable for all impacted." In a statement, the council said automatic security systems kicked in when the attack was detected, minimising the council said an investigation into the extent of the breach was added: "We have now identified that people who worked on Oxford City Council-administered elections between 2001 and 2022, including poll station workers and ballot counters, may have had some personal details accessed. "The majority of these people will be current or former council officers."We understand that people will be concerned and today we have individually contacted people potentially affected to explain what happened [and] what support is available."There is no evidence to suggest that any of the accessed information has been shared with third parties."The authority apologised for disruption to some services over the last week while external cyber security specialists checked systems. You can follow BBC Oxfordshire on Facebook, X (Twitter), or Instagram.
