Summary:
Peter Green Chilled, a key supplier for UK supermarkets, has suffered a ransomware attack, significantly disrupting its operations. The attack occurred on May 14, 2025, and was disclosed to customers the following day. Though the company says transport operations are still running, it temporarily paused order processing, and communication has since been cut off through normal contact channels.

The impact is already rippling through the supply chain. One supplier, The Black Farmer, is unable to deliver thousands of fresh meat packets, which could spoil if not delivered within days, threatening losses of up to £100,000 (~$133,700). Additional goods from Sweden are stuck in port due to the warehouse’s halted intake, intensifying the crisis.

This incident follows broader cyberattacks in the UK retail sector, including M&S, which is preparing a £100 million (~$133.7 million) cyber insurance claim related to its own ongoing ransomware incident. Experts note that ransomware actors are increasingly targeting supply chain and operational systems to maximize disruption and pressure for ransom payment, rather than simply stealing data.

Security Officer Comments:
This is similar to when one part of a group project fails and it all falls apart. Peter Green Chilled is a company that helps transport food from farms and factories into grocery stores, and since hackers encrypted their computers using ransomware, a lot of that food can no longer be transported. Some of it might even go bad if it doesn't get moved within a short while.

Imagine having a meat-filled fridge that you cannot get to , that is what is being done to small businesses like The Black Farmer, and it's costing them a lot of money. And yet the big retailers like M&S are being cyberattacked too and might well need an enormous amount of money just to sort out the mess.

Hackers target companies such as these because if they can take out one piece, they break everything, and that means the victim is more likely to pay. It's scary how one attack can hurt businesses, consumers, and what ultimately ends up on your dinner plate.

Suggested Corrections:
Supply chain resilience planning: Retailers and logistics firms must create contingency plans for cyber disruptions, including alternative distribution paths and backup warehouse agreements.

Segment critical systems: Keep operational tech (like warehouse and transport systems) isolated from business networks to limit ransomware spread.

Regular backups: Implement and test immutable, off-site backups that allow for full system restoration without paying ransom.

Endpoint protection and email filtering: Use threat detection software that blocks phishing attempts and suspicious links — a common ransomware entry point.

Vendor and third-party risk management: Evaluate and audit cybersecurity practices of partners, especially those in logistics and storage.

Employee awareness training: Teach staff to recognize suspicious emails or behavior that could signal a breach attempt.

Incident response planning: Have a clear, rehearsed response plan that includes IT, legal, communications, and supply chain teams.

Link(s):
https://www.theregister.com/2025/05/20/ransomware_attack_on_food_distributor/