Pierluigi Paganini November 12, 2024

A cyber attack affected Ahold Delhaize USA brands, disrupting Giant Food, Hannaford, their pharmacies, and e-commerce services.

A cyber attack hit the food giant Ahold Delhaize impacting US pharmacies and supermarket chains owned by the company. As of Tuesday, Hannaford’s e-commerce portal is down due to server issues, while websites for Food Lion, Giant Food, The Giant Company, and Stop & Shop remain accessible, displaying an incident notice from the US branch of the company.

Ahold Delhaize is a Dutch-Belgian multinational retail and wholesale holding company. Its name comes from the 2016 merger of two companies: Ahold (Dutch) and Delhaize Group (Belgian), which both have origins in the 1800s. Its business format includes supermarkets, convenience stores, hypermarkets, online grocery, online non-food, drugstores, and liquor stores. Its 16 local brands employ 402,000 people at 7,716 stores across nine countries.

The holding company operates several supermarkets and ecommerce sites in the US, including Food Lion, Giant Food, Hannaford, Stop & Shop, and The Giant Company.

The US branch of the company detected a cybersecurity issue on November 8, 2024, the incident impacted the network infrastructure in the U.S. Once detected the problem, the security teams began an investigation with the help of external cybersecurity experts. The company also notified law enforcement. Ahold Delhaize USA confirmed that all its brand stores remain open and continue serving customers.

“Our teams are taking steps to assess and mitigate the issue. This includes taking some systems offline to help protect them. This issue and subsequent mitigating actions have affected certain Ahold Delhaize USA brands and services including a number of pharmacies and certain e-commerce operations.” reads the statement published by the company on its web site.  

“Each of Ahold Delhaize USA’s brands’ stores are open and serving customers. We will continue to take actions to further protect our systems. The security of our customers, associates and partners is a top priority.” 

The company did not share specific details about the incident, but its actions suggest it may have been the target of a ransomware attack.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, cyber attack)