KP Snacks said the attack had “compromised” its systems and that it “cannot safely process orders or dispatch goods”.
Messages sent by wholesaler Nisa to its partners on 1 February told stores to “expect supply issues on base stock and promotions until further notice”.
KP Snacks makes some of Britain’s most popular crisp brands, including Hula Hoops, Tyrell’s, McCoy’s and Skips.
“Initial discussions have highlighted that no orders will be being placed or delivered for a couple of weeks at least and service could be affected until the end of March at the earliest,” the notice said.
News of the hack was first reported by Better Retailing, which has also obtained a letter from KP Snacks alerting Nisa of the attack.
The letter said KP Snacks’ IT team and third-party experts are “assessing the scale of the intrusion”.
“As a result, at this stage we cannot safely process orders or dispatch goods. We have teams working through the resolution, but it is unknown when this will be resolved,” the letter added.
In a statement to the Independent, KP Snacks said it had become aware of the attack on 28 January.
“As soon as we became aware of the incident, we enacted our cybersecurity response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation,” the statement said.
“Our internal IT teams continue to work with third-party experts to assess the situation.
“We have been continuing to keep our colleagues, customers, and suppliers informed of any developments and apologise for any disruption this may have caused.”
The news comes shortly after Dutch supermarket chain SPAR was forced to close a number of stores following a ransomware attack in December 2021.
The retailer said that more than 300 stores had been affected, but many were able to stay open by only accepting cash due to debit and credit card payments not being able to operate.
At the time, the retailer said the incident had affected all of the company’s IT systems including staff emails.