A cybersecurity incident has rattled United Natural Foods Inc. (UNFI), disrupting operations at the major food distributor and raising concerns about the fragility of the US supply chain.

UNFI, based in Providence, Rhode Island, first detected unauthorized activity on its systems on June 5. The company responded by taking certain systems offline and initiating its incident response plan. As a result, its ability to process and fulfill orders has been hampered.

With more than 30,000 retail partners, including Whole Foods Market, UNFI plays a central role in distributing natural and organic foods nationwide. The impact of the breach is already being felt downstream.

“The incident has caused, and is expected to continue to cause, temporary disruptions,” the company stated in a filing with the Securities and Exchange Commission. An investigation into the scope of the attack is underway, but it’s still early, and UNFI has not confirmed whether any data was compromised.

CEO Sandy Douglas acknowledged the challenges and said UNFI is working closely with customers to manage short-term impacts.

To stay operational, UNFI has implemented manual workarounds and is working with external cybersecurity professionals to bring its systems back online. Law enforcement has also been notified.

Experts say the consequences of an attack on a distributor of this scale go beyond the company itself. “When a major supplier like this is hit, empty shelves and delayed deliveries are the immediate result,” said Grant Geyer of Claroty. He called for stronger network segmentation and better third-party risk management to prevent similar events in the future.

For now, key details about the incident, including the attacker’s identity and motive, remain unclear.