'Cybersecurity issue' at Food Lion parent blamed for US grocery mayhem

Retail giant Ahold Delhaize, which owns Food Lion and Stop & Shop, among others, is confirming outages at several of its US grocery stores are being caused by an ongoing "cybersecurity issue."

The Dutch-Belgian biz, known in Europe for outlets such as Albert Heijn and Delhaize, and in the US for Stop & Shop, Hannaford, Food Lion, and more, said it pulled some systems offline, impacting some pharmacies and e-commerce operations.

"Immediately upon detecting the issue, our security teams began an investigation with the assistance of external cybersecurity experts," a statement reads. "We also notified law enforcement.

"Each of Ahold Delhaize USA's brands' stores are open and serving customers. We will continue to take actions to further protect our systems. The security of our customers, associates, and partners is a top priority. 

• Robots crush career opportunities for low-skilled workers
• iFixit to the rescue: McDonald's workers can rescue their own ice cream machines
• Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between
• Sainsbury's bags a ticket to RISE with SAP, hoping not to trip like Asda

"We apologize for any inconvenience this issue may have caused customers and partners."

The Register requested an update on the situation but the company has yet to provide one.

It's understood the challenges for the US retail stores have been ongoing for one week now and while the specifics of the case are still being gathered officially – these things tend to take time in cyber investigations – staff at the affected stores flocked to social media to voice their experiences.

Stop & Shop customers said recently that their local store's pharmacy was suffering from IT issues and unable to refill prescriptions. The workaround was to have them sent to a nearby Walgreens, but the process was hampered as the store's phone lines were also down.

However, reporting from local news agencies suggest the pharmacy-specific IT issue has now been resolved and existing prescriptions could be filled.

Those who claim to be involved in delivering supplies to stores also said the prices and costs listed on invoices appear to be mismatched.

Different stores also seem to be affected to different degrees. Some reported their services already being back online as of Saturday, while others had no internet access and were relying on personal hotspots from their personal devices to keep operations moving.

The Food Lion subreddit has been especially active, with users who claim to be staff members talking of similar issues. 

Reports of delayed or missing deliveries are abundant and those which do arrive are in short supply for some. As of Sunday, invoices were also showing mismatched figures as has been reported of Stop & Shop. Similarly, phone lines were down too. 

Others said Food Lion To Go and Instacart orders were unavailable, with the latter's return date continually pushed back, and elsewhere some payment services are said to be limited.

Lower-level associate employees at a number of locations were also allegedly told by their managers they weren't allowed to discuss the matter with colleagues in an attempt to stop word of the issues from reaching social media. Others said this wasn't the case at their store, however.

One staff member also raised concern that financial data may have been impacted. Within days of the incident unfolding, the person claimed that numerous fraudulent purchases were made using their debit card, although it's not clear if the two events are linked.

The Register asked Ahold Delhaize about this and whether it believes any data was compromised in the attack, but it didn't respond.

At the time of writing, Hannaford's website remained down, displaying the message: "Sorry! We're having technical issues with our servers. We're working as quickly as possible to restore service."

We tried to access the other US brands' websites (Giant, Food Lion, and Stop & Shop) from the UK but even a VPN couldn't get past their web protections which blocked our access.

Across all four retail brands, there are nearly 2,000 stores in the US that are potentially impacted by the cybersecurity incident. 

More than 1,000 of these belong to Food Lion, which claims to employ more than 82,000 staff and serve more than 10 million customers a week, illustrating the scale of the impact the issues could have should they continue to affect retail outlets. ®