Peter Green Chilled, a major distributor of chilled and fresh products to British supermarkets, has reportedly fallen victim to a ransomware attack orchestrated by an as-yet unnamed cyber criminal operation, becoming the latest organisation in the British retail sector to be affected by a security incident.
Established as a haulage company working with Somerset dairy suppliers 60 years ago, Peter Green has grown into a little-known but well-established player in the nationâs cold chain â temperature-controlled warehousing and transport â sector, supplying the likes of Aldi, Sainsburyâs and Tesco among others. It is also a supplier of IT services including transport and warehouse management systems (T/WMS), electronic data interchange (EDI), stock and temperature control systems, and vehicle tracking and monitoring.
According to BBC Radio 5 Liveâs Wake up to money programme â which was first to report the story â the attack appears to have begun on the evening of Wednesday 14 May and has left the organisation unable to accept new orders.
A spokesperson for Peter Green told the programme it was not in a position to be able to discuss the incident further. However, one of the organisationâs customers, The Black Farmer founder Wilfred Emmanuel-Jones, said that almost a week into the incident, he had been offered no solution for how Peter Green was going to get stock he had already delivered to its warehouses out to retailers.
âIf theyâre not delivered in the next couple of days, because theyâre fresh products, they have to be thrown away,â said Emmanuel-Jones. âFor a small business it is pretty devastating. To make matters even worse is that weâve just also got a delivery thatâs come in from Sweden that is stuck at a port because Peter Green is not taking in any other stock from any suppliers, so we have to try to find some way of getting it to the supermarkets.â
Emmanuel-Jones told the radio programme that his business could stand to lose up to ÂŁ100,000, losses that would be hard for a small organisation to bear.
Computer Weekly reached out to Peter Green Chilled but found its email addresses non-responsive.
Link to M&S, Co-op attacks speculative
Absent further information from Peter Green, at the time of writing, any links to the ongoing DragonForce/Scattered Spider incidents affecting Marks and Spencer (M&S) and Co-op are unproven and merely speculative.
However, David Mound, senior penetration tester at third-party risk specialist SecurityScorecard, said the firmâs team was closely monitoring the âemerging patternâ of cyber attacks impacting food retailers.
He said that in drawing other household names into the fray, the developing Peter Green incident highlighted the fragility of interconnected digital supply chains, and was creating a cascading effect throughout the retail sector.
âThese incidents reflect a growing trend among cyber criminal groups to exploit sectors where time sensitivity and perishability heighten pressure to restore operations, increasing the likelihood of ransom payments,â said Mound. âIn food retail, even short-term disruption can lead to spoilage, logistical bottlenecks and loss of consumer trust.
âAttackers are no longer just targeting data; theyâre targeting urgency,â he said. âIn environments where product expiration and just-in-time delivery are business-critical, threat actors understand that every hour offline amplifies the pressure to pay.
âMany critical logistics and IT providers are insufficiently risk-tiered or assessed,â added Mound. âThere is an urgent need for sector-wide collaboration on third-party risk intelligence and resilience standards.
âSecurityScorecard urges all organisations in the food and retail sectors to re-evaluate their third-party risk posture and ensure suppliers are assessed not only for compliance, but for operational resilience under duress.â
