Cyber Incident Victim: Peter Green Chilled
Date:
May 2025
Location:
United Kingdom
Summary
A ransomware attack disrupted Peter Green Chilled, a chilled food distributor supplying major UK supermarkets. Hackers encrypted the company's data and locked systems, halting order processing while transport activities continued unaffected. This caused significant supply chain disruption, placing thousands of pounds worth of perishable customer products at risk of spoilage due to delivery delays. The incident highlights cybersecurity vulnerabilities faced by smaller logistics firms within the critical cold chain sector, which handles a substantial portion of UK food distribution and has experienced a recent surge in attacks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On the evening of Wednesday, May 14, 2025, logistics firm Peter Green Chilled, a supplier of chilled food to major UK supermarkets including Tesco, Sainsbury's, and Aldi, suffered a ransomware attack. Hackers encrypted the company's data and locked it out of its computer systems, demanding payment to restore access. The attack was confirmed by Peter Green Chilled via an email sent on Thursday, May 15, which stated that no new orders would be processed that day, although orders prepared before the attack on Wednesday would still be dispatched. The company, based near Shepton Mallet in Somerset, specializes in transporting chilled food primarily to regional stores but is relatively small compared to larger UK distributors like Lineage, GXO, and Culina. Managing Director Tom Binks stated that while the cyber attack occurred, the actual transport activities of the business continued unaffected throughout the incident. Peter Green Chilled informed its clients they were receiving regular updates, including "workarounds" intended to help them continue deliveries despite the disruption to the company's order processing systems.
The immediate impact of the ransomware attack centered on the potential spoilage of perishable goods entrusted to Peter Green Chilled. Wilfred Emmanuel-Jones, founder of The Black Farmer and a customer, reported having approximately ten pallets of meat products with the distributor, representing thousands of packs. He expressed significant concern that if these products were not delivered to retailers promptly, they would have to be discarded, resulting in substantial financial loss as the products wasted away while the supply chain was halted. The incident highlighted the vulnerability of smaller logistics firms within the critical cold chain sector, which handles about half of the food consumed in the UK. Phil Pluck, chief executive of the Cold Chain Federation, noted a "huge increase" in cyber and ransomware attacks targeting warehousing, food storage, and distribution companies over the preceding year, contrasting with only sporadic incidents a few years prior. He stated that hackers target this sector precisely because they understand its critical role in putting food on supermarket shelves, using that leverage to pressure companies into paying ransoms. Pluck also indicated that such attacks are "hugely underreported" across all sectors, as victims lose control during the incident and subsequent investigations by police and insurers. This attack followed recent, larger cyber incidents affecting retailers Marks & Spencer and Co-op, emphasizing the broader threat to the retail supply chain identified by security experts.