United Natural Foods (UNFI), a major distributor of groceries to Whole Foods and other retailers, said on Monday that it was hit by a cyberattack, warning of disruptions to its ability to fulfill and distribute customer orders. 

UNFI said in a Monday filing with the U.S. Securities and Exchange Commission that it became aware of unauthorized access to its IT systems last Thursday, and began shutting down portions of its network. The filing added that the company has “implemented workarounds for certain operations in order to continue servicing its customers where possible,” but noted that the intrusion has caused ongoing disruptions to its business operations.

The Providence, RI-based company is one of the largest grocery distributors in North America, selling fresh produce, goods and food products to more than 30,000 stores and supermarket locations across the U.S. and Canada.

UNFI also serves as the “primary distributor” to Whole Foods, the Amazon-owned grocery chain. Last year, the two companies extended their long-running contract until May 2032. 

When reached by TechCrunch, UNFI spokesperson Kristen Jimenez would not describe the nature of the cyberattack or say if the intruder had demanded a ransom from the company.

“We are assessing the unauthorized activity and working to restore our systems to safely bring them back online,” said Jimenez, adding that the incident was reported to law enforcement.

A spokesperson for Whole Foods did not immediately return a request for comment on Monday. 

The incident at UNFI is the latest in a string of cyberattacks affecting the wider retail and grocery supply chain in recent months. Following the data breaches at U.K. retail giants Marks & Spencer and the Co-op, Google warned that hackers were also targeting U.S. retailers, though it did not name the affected companies.

When asked, UNFI did not say when it expects to recover its systems.

Do you know more about the cyberattack at UNFI? Are you a corporate customer affected by the disruption? You can securely contact this reporter via encrypted message at zackwhittaker.1337 on Signal.