Dive Brief:
- United Natural Foods, Inc.’s commercial operating capacity has returned to “normalized levels” as of this week following the cyberattack that temporarily brought down its online systems in June, the grocery distributor disclosed Wednesday.
- The company expects to lose between $350 million and $400 million in sales as a result of the attack, with the overall operational impact of the incident mostly limited to its current quarter.
- Despite the cyberattack, UNFI has modestly raised its sales expectations for its current fiscal year, although the company expects a higher loss than it had earlier projected.
Dive Insight:
UNFI has been working with its customers and suppliers to stamp out the remnants of the cyberattack and has largely regained its full ability to fill orders for grocers, CEO Sandy Douglas said during a call with analysts Wednesday morning. The company anticipates that its “underlying momentum” will continue in its upcoming fiscal year, which begins in August, he added.
“By and large, our key metrics like fill rates and on-time delivery are very close to pre-incident levels. There’s some diversity across our [distribution centers], so we’re continuing to refine and in those cases, we’re surging the right support to get those DCs online, but we’re very close to the key operating metrics that we had before the incident started,” Douglas said.
The company incurred $20 million in expenses as it implemented manual processes and took steps to prevent spoilage in the wake of the cyberattack, President and CFO Matteo Tarditi said during the call. UNFI also spent $5 million on cybersecurity experts, legal assistance and other costs related to the incident, he noted.
UNFI now expects sales for its current fiscal year to fall in a range of $31.6 billion to $31.8 billion. In addition, the company expects to record a pre-tax and free cash flow loss of between $65 million and $75 million due to the incident.
UNFI anticipates that reimbursement through its cyber insurance policy will be enough to cover the recovery and remediation expenses it incurred due to the incident. The company expects to receive insurance reimbursement primarily during fiscal 2026, adding that the company remains on track to meet its multi-year financial goals, Tarditi said.
“Our momentum and improvement opportunities remain significant, and we expect these will continue to translate into sustainable shareholder value creation,” Tarditi said.
Asked whether the incident has affected UNFI’s ability to bring on new retailers, Douglas said the company delayed onboarding one new customer by about 60 days to ensure its operations “were fully up to speed.” But he said the new customer, which he did not name, is “on track with that delay.”
“Our business development conversations continue to be productive, and I think in general, we view, obviously, this to have been a very challenging experience with us and all of our customers, but we’ve learned a lot and emerged from it stronger than when we went in,” Douglas said.
Douglas said UNFI intends to provide additional details to customers about “what we’re doing to further strengthen our perimeter” so they can be confident in the company’s capabilities.
“We’ve learned some things that we’re going to share with [retailers], because they also are in the cybersecurity business. And I think it’ll go both ways from a value creation standpoint,” said Douglas.
