Dive Brief:
- Ahold Delhaize said in a Friday statement that it had "detected a cybersecurity issue within its U.S. network” and was investigating with help from outside experts, but did not indicate what might have impacted its online infrastructure. The company said it took some systems down and notified authorities about the incident.
- Hannaford’s e-commerce services remained unavailable Monday morning, continuing an outage that began last week. Websites operated by Ahold Delhaize’s other U.S. banners appeared to be operating normally after earlier displaying warnings about potential disruptions.
- Ahold Delhaize said all of its U.S. stores were open but that the IT problems had affected some pharmacies and e-commerce functions.
Dive Insight:
Ahold Delhaize has remained tight-lipped about the extent of the cybersecurity issue, which hit just weeks away from the start of winter holidays in the U.S. — a traditionally busy sales period for grocers.
“This issue and subsequent mitigating actions have affected certain Ahold Delhaize USA brands and services including a number of pharmacies and certain e-commerce operations,” Ahold Delhaize said in the Friday press release. The company did not provide further details on the extent of the impacts for each of its five U.S. brick-and-mortar grocery chains.
On Friday, Hannaford posted on Instagram that it had canceled pickup and delivery orders that day “as our associates cannot view orders placed,” noting that customers may see a pending transaction on their bank account that should clear within several days. Most of the chain’s pharmacies were processing prescriptions but some may be unable to accept phone calls. The chain’s stores remained open with most accepting “all major forms of payment, including credit cards,” the post said.
The websites for Giant Food, Stop & Shop, The Giant Company and Food Lion each posted an identical note online last Friday saying that customers may experience disruptions and reduced availability for pickup and delivery due to “system outages.” The note has since been removed from each of those banners’ sites. Hannaford’s website and app remain offline as of early Monday afternoon.
It’s unclear how much the cybersecurity issue has impacted Ahold Delhaize’s e-commerce sales. In the third quarter, Ahold Delhaize’s U.S. e-commerce sales decreased 0.1%, with “double-digit online growth” at Food Lion, Hannaford and The Giant Company partially offsetting negative impacts from the divestment of FreshDirect.
In a Monday morning statement, an Ahold Delhaize spokesperson said all of the company’s stores in the U.S. “are open to serve customers and are taking online payments,” but did not provide further details about the IT issues the grocer is facing.
The technology issues that struck Ahold Delhaize last week follow key changes in the company’s IT leadership during the past two years.
Carl Cahill, who formerly served as CISO for Ahold Delhaize in the U.S., left his position in October, according to his LinkedIn profile. In addition, Rom Kosla, who served since 2021 as CIO at Retail Business Services, the services arm of Ahold Delhaize USA, left last June to become the CIO of Hewlett Packard Enterprise.
The spokesperson said that Jason Colby, deputy CISO and VP of global cyber defense operations for Ahold Delhaize, is serving as CISO for the company’s U.S. business. Jennifer Watson, who formerly led information security for the company’s U.S. operations, is Ahold Delhaize’s global CISO, according to the spokesperson.