What is the official website of UNFI ?

The official website of UNFI is http://www.unfi.com.

What is UNFI's cybersecurity risk score?

UNFI has an AI-generated cybersecurity risk score of 658 out of 1000, indicating a Weak security posture according to Rankiteo's assessment.

How many security incidents has UNFI experienced?

According to Rankiteo, UNFI currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has UNFI been affected by any supply chain cyber incidents ?

According to Rankiteo, UNFI has been affected by a supply chain cyber incident involving UNFI, with the incident ID UNF2855428092925.

Does UNFI have SOC 2 Type 1 certification ?

According to Rankiteo, UNFI is not certified under SOC 2 Type 1.

Does UNFI have SOC 2 Type 2 certification ?

According to Rankiteo, UNFI does not hold a SOC 2 Type 2 certification.

Does UNFI comply with GDPR ?

According to Rankiteo, UNFI is not listed as GDPR compliant.

Does UNFI have PCI DSS certification ?

According to Rankiteo, UNFI does not currently maintain PCI DSS compliance.

Does UNFI comply with HIPAA ?

According to Rankiteo, UNFI is not compliant with HIPAA regulations.

Does UNFI have ISO 27001 certification ?

According to Rankiteo,UNFI is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does UNFI operate in ?

UNFI operates primarily in the Food and Beverage Services industry.

How many employees does UNFI have ?

UNFI employs approximately 17,121 people worldwide.

Does UNFI own any subsidiaries ?

UNFI presently has no subsidiaries across any sectors.

How many LinkedIn followers does UNFI have ?

UNFI's official LinkedIn profile has approximately 140,835 followers.

What is the NAICS classification code for UNFI ?

UNFI is classified under the NAICS code 722, which corresponds to Food Services and Drinking Places.

Does UNFI have a Crunchbase profile ?

No, UNFI does not have a profile on Crunchbase.

Does UNFI have a LinkedIn profile ?

Yes, UNFI maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/unfi.

How many cybersecurity incidents has UNFI experienced ?

As of June 12, 2026, Rankiteo reports that UNFI has experienced 2 cybersecurity incidents.

How many peer or competitor companies does UNFI have ?

UNFI has an estimated 8,733 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

UNFI

Boost Score +25 with badge (5 left)

658

/1000

Weak

683

/1000

Weak

UNFI Vendor Cyber Rating & Cyber Score

unfi.com

Add Your Compliance Badge

UNFI is North America’s Premier Food Wholesaler. We transform the world of food for our associates, customers, suppliers and the families we serve every day. With deeper full store selection and compelling brands for every aisle, built on an unmatched heritage in great food and fresh thinking. And smarter food solutions, from fulfillment to insights and beyond, that help entrepreneurs and major brands alike unlock their full potential and transform their businesses – for the better. Better Food. Better Future.

UNFI A.I CyberSecurity Scoring

Scoring History

UNFI

UNFI CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

UNFI

Cyber Attack

100

6/2025

UNFI

UNF285542809292...

UNFI

Ransomware

6/2024

UNF846090225

Loading…

A.I.

UNFI Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for UNFI

Incidents vs Food and Beverage Services Industry Avg (This Year)

No incidents recorded for UNFI in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for UNFI in 2026.

Incident Types UNFI vs Food and Beverage Services Industry Avg (This Year)

No incidents recorded for UNFI in 2026.

Incident History - UNFI (X = Date, Y = Severity)

Loading…

SUBSIDIARY

UNFI Subsidiaries

UNFI

Food and Beverage Services

Website: http://www.unfi.com

Company Size: 10,000+ employees

Albert's Organics CareersFood and Beverage Services

UNFI CanadaFood and Beverage Services

Loading…

UNFI Similar Companies

Red Bull

redbull.com

Red Bull Gives Wiiings to People and Ideas. This has driven us – and all we do – since 1987. Today, Red Bull operates in over 170 countries, selling more than 12 billion cans annually and growing! Above all, our people remain the essential ingredient in bringing the Red Bull brand to life. Check out our open roles to become part of the world of Red Bull. Most jobs take energy, ours give it. Check out our open roles to become part of the world of Red Bull – jobs.redbull.com

Grupo Bimbo

grupobimbo.com

Grupo Bimbo es la empresa líder en panificación y un jugador relevante en snacks. Hornea +9,000 productos, distribuyéndolos a través de +3.5 millones de puntos de venta con +54,000 rutas. Grupo Bimbo tiene +153,000 colaboradores, +1,500 centros de ventas estratégicamente localizados en 35 países de América, Europa, Asia y África. 249 panaderías y plantas, distribuye, comercializa y elabora una variedad de productos, entre los que destacan el pan de caja, bollería, pan dulce, pastelitos, galletas, pan tostado, English muffins, bagels, tortillas y flatbread y botanas saladas, entre otros. Grupo Bimbo tiene +100 marcas, algunas de ellas son Bimbo, Marinela, Barcel, Milpa Real, Tía Rosa, Thomas, Takis, Sara Lee, Little Bites, Artesano, Saníssimo, Pullman, Ideal, Harvest Gold, The Rustik Bakery, Dempsters, POM, Supán, entre otros. Sus acciones cotizan en la Bolsa Mexicana de Valores (BMV) bajo la clave de pizarra BIMBO y en el mercado extrabursátil de Estados Unidos a través de un programa de ADR Nivel 1, bajo la clave de pizarra BMBOY.

Nestlé

nestle.com

As the world’s largest food and beverage company we are driven by a simple aim: unlocking the power of food to enhance quality of life for everyone, today and for generations to come. To deliver on this, we serve with passion, with a spirit of excellence, offering products and services for all stages of life, every moment of the day, helping people care for themselves and their families. Our culture is based on our values rooted in respect: respect for ourselves, respect for others, respect for diversity and respect for the future. We can trace our origin back to 1866, when the first European condensed milk factory was opened in Cham, Switzerland, by the Anglo-Swiss Condensed Milk Company. One year later, Henri Nestlé, a trained pharmacist, launched one of the world’s first prepared infant cereals ‘Farine lactée’ in Vevey, Switzerland. Today, we employ around 273,000 people and have factories or operations in almost every country in the world. With our headquarters still based in the Swiss town of Vevey, we had sales of CHF 84.3 billion in 2020. Our portfolio covers almost every food and beverage category – offering products and services for all stages of life, every moment of the day, helping people care for themselves and their families. House rules: https://nes.tl/HouseRules

Keurig Dr Pepper Inc.

cb keurigdrpepper.com

Keurig Dr Pepper (KDP) is a leading beverage company in North America, with annual revenue in excess of $14.1 billion and nearly 28,000 employees. KDP holds leadership positions in soft drinks, specialty coffee and tea, water, juice and juice drinks and mixers, and markets the #1 single serve coffee brewing system in the U.S. and Canada. The Company’s portfolio of more than 125 owned, licensed and partner brands is designed to satisfy virtually any consumer need, any time, and includes Keurig®, Dr Pepper®, Green Mountain Coffee Roasters®, Canada Dry®, Snapple®, Bai®, Mott's®, CORE® and The Original Donut Shop®. Through its powerful sales and distribution network, KDP can deliver its portfolio of hot and cold beverages to nearly every point of purchase for consumers. The Company is committed to sourcing, producing and distributing its beverages responsibly through its Drink Well. Do Good. corporate responsibility platform, including efforts around circular packaging, efficient natural resource use and supply chain sustainability. For more information, visit, www.keurigdrpepper.com.

Arca Continental

arcacontal.com

Arca Continental produces, distributes and sells non-alcoholic beverages under The Coca-Cola Company brand, as well as snacks under the brands of Bokados in Mexico, Inalecsa in Ecuador and Wise in the US. With an outstanding history spanning more than 98 years, Arca Continental is the second-largest Coca-Cola botter in Latin America and one of the largest in the world. Within its Coca-Cola franchise territory, the company servers over 119 million consumers in northern and western Mexico, Ecuador, Peru, northern Argentina and southwestern region of the U.S. The Company´s shares trade on the Mexican Stock Exchange under the ticker symbol "AC". For more information on Arca Continental, please visit www.arcacontal.com

Frito-Lay

cb fritolay.com

We believe every consumer should have access to their favorite snack, everywhere. We own the manufacturing process from seed to shelf and actively invest in technology to automate key steps of the process. This helps us be more agile in what we need to make, who we need to make it for, and how we can best deliver it to snack lovers from coast to coast.

VARUN BEVERAGES LIMITED

varunbeverages.com

Varun Beverages Limited (VBL) is one of the top FMCG players in the Indian Market. We are on track towards strengthening our position in the global beverage industry with our presence in 14 countries in the Indian sub-continent and Africa - where we are responsible for producing popular brands like Pepsi, Mirinda, 7up, Mountain Dew, Slice, Aquafina, Sting, Tropicana, Gatorade, and many more and making them readily available at outlets near you. We are committed towards delivering a refreshing beverage experience to our consumers. VBL in India is the second-largest franchisee partner for PepsiCo (outside US) and is powered by #HungryForMore spirit of 10,000+ employees who contribute to making the VBL family stronger and bigger every-day. Life@VBL is about endless opportunities and maximizing learnings every-day. We take immense pride in our employees’ commitment, ownership, and spirit of #OneTeamOneDream. We are equally committed to ESG principles; focusing on environmental stewardship and actively participating in community initiatives demonstrate our dedication to giving back to the environment and society. Our robust governance framework ensures accountability and sustainability in everything we do. For more details, please visit our website.

Perfetti Van Melle

perfettivanmelle.com

Perfetti Van Melle is a privately owned company, producing and distributing candies and chewing gums in more than 150 countries worldwide. Employing over 17.000 people and operating 37 companies throughout the world, Perfetti Van Melle has a true global reach: it is present in the Asia Pacific Region, Europe, Middle East, Africa and the Americas The industrial adventure of Perfetti Van Melle began many years ago, but it was in March 2001 that the current Group was set up through the merger of Perfetti Spa and Van Melle N.V. In July 2006 the Group acquired the Spanish company Chupa Chups S.A., famous all over the world for its lollypops. Our brands convey the passion we have for our products. We continuously explore new ways of doing things and innovative ideas that will inspire and delight our consumers worldwide. Our global brands Mentos, Chupa Chups, Alpenliebe gratify, refresh, inspire consumers of all ages around the globe. Other brands are extremely popular in regional markets with innovative tastes that match local preferences.

Suntory Holdings Limited

suntory.com

As a global leader in the beverage industry, Suntory Group aims to inspire the brilliance of life, by creating rich experiences for people, in harmony with nature. Sustained by the gifts of nature and water, the Group offers a uniquely diverse portfolio of products, from award-winning Japanese whiskies Yamazaki and Hibiki, iconic American whiskies Jim Beam and Maker's Mark, canned ready-to-drink -196 (minus one-nine-six), The Premium Malt’s beer, Japanese wine Tomi, and the world-famous Château Lagrange. Its brand collection also includes non-alcoholic favorites Orangina, Lucozade, Oasis, BOSS coffee, Suntory Tennensui water, TEA+ Oolong Tea, and V energy drink, as well as popular health and wellness product Sesamin EX. Founded as a family-owned business in 1899 in Osaka, Japan, Suntory Group has grown into a global company operating throughout the Americas, Europe, Africa, Asia and Oceania, with an annual revenue (excluding excise taxes) of $20.5 billion in 2025. Its 41,628 employees worldwide draw upon the unique blend of Japanese artisanship and global tastes to explore new product categories and markets.

Loading…

NEWS

UNFI CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 25, 2026 04:55 PM

United Natural Foods investigates cybersecurity breach, stock drops over 9%

United Natural Foods (NYSE:UNFI) reported Monday that it has taken parts of its systems offline after detecting “unauthorized activity,” prompting an...

Read Article

August 07, 2025 07:00 AM

EXCLUSIVE: Lessons Learned After UNFI's Cyber Incident

Progressive Grocer recently had the opportunity to sit down with United Natural Foods Inc. (UNFI) CEO Sandy Douglas to discuss how the...

Read Article

July 17, 2025 03:32 PM

UNFI Says Cyberattack Cost is up to $400M in Sales, $50M in EBITDA

UNFI expects a loss of sales from a June cyberattack but remains on track to meet its long-term financial goals ahead of schedule.

Read Article

July 17, 2025 07:00 AM

United Natural Foods loses up to $400M in sales after cyberattack

The food distributor and wholesaler completely shut down its systems upon discovering the attack last month, yet core systems were restored...

Read Article

July 17, 2025 07:00 AM

UNFI Revises 2025 Guidance, Maintains Long-Term Growth Focus

United Natural Foods, Inc. UNFI, North America's premier grocery wholesaler, has updated the fiscal 2025 financial outlook while reaffirming...

Read Article

July 16, 2025 07:00 AM

UNFI expects cyberattack to cost it at least $350 million in sales

The grocery distributor's operations have largely returned to normal, and the company believes the operational impact of the attack will be...

Read Article

July 16, 2025 07:00 AM

UNFI’s cyberattack loss could be $425M but net sales outlook is increased

United Natural Foods Inc. (UNFI) is almost fully recovered from a June cyberattack that could cost the company up to $425 million in lost...

Read Article

July 16, 2025 07:00 AM

United Natural Foods Projects Up to $400M Sales Hit From June Cyberattack

United Natural Foods (UNFI) estimates a $350–$400 million sales impact from a June 2025 cyberattack but expects insurance to offset losses.

Read Article

June 30, 2025 07:00 AM

UNFI expects financial hit from cyberattack as recovery continues

Major North American grocery wholesaler United Natural Foods, Inc., has disclosed that the cyberattack it experienced earlier this month...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-47238

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #133, a normal authenticated user can edit another user's video subtitles because of a lack of authorization. They can upload subtitles, edit their name or delete them. This issue has been patched in version 5.5.3 - #133.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Impact Score

2.5

Exploitability

3.9

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-x468-whmw-c863

CVE-2026-45418

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #132, any authenticated user who can upload videos can add multiple subtitles from different files and change their title (English, Spanish...). The POST /actions/subtitle_edit.php request used to change their title includes a number parameter which is vulnerable to SQL Injection. A boolean-based blind SQL injection can be used to exfiltrate sensitive data. This issue has been patched in version 5.5.3 - #132.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-q233-m544-6jqr

CVE-2026-45060

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #129, the actions/progress_video.php endpoint is vulnerable to blind SQL injection. Any unauthenticated user can exploit the ids parameter to execute SQL queries and exfiltrate sensitive data. This issue has been patched in version 5.5.3 - #129.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

3.9

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-wpq3-gxx7-c76h

CVE-2026-42846

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly into shell commands without escaping then executed, so any shell metacharacter in the URL is interpreted. This results in arbitrary command execution. This issue has been patched in version 5.5.3 - #140.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

3.9

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-hvfx-hxmr-28c7

CVE-2026-6250

SUMMARY

An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format string, which can be used to manipulate stack memory, including control flow data such as return addresses. A remote authenticated attacker may redirect execution flow to existing internal functions, triggering an unauthorized factory reset, leading to loss of configuration, deletion of stored credentials and service disruption.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: )

cvss4

Base Score: 7.0

Complexity: LOW

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…