Ransomware attack on Blue Yonder disrupts Starbucks, Sainsbury’s, Morrisons
Attack on Blue Yonder has impacted several of its high-profile clients
Starbucks has confirmed that a ransomware attack on software supplier Blue Yonder has disrupted its internal systems for managing employee schedules and tracking work hours.
The incident has primarily affected Starbucks' North American operations, including approximately 11,000 stores across the United States and Canada.
Starbucks says the cyberattack has compromised its ability to track baristas' hours and manage payroll systems. As a result, the coffee giant is facing challenges in accurately paying its baristas.
However, its customer-facing operations remain unaffected by the outage.
"Keeping our partners whole despite the outage continues to be our priority and we're ensuring they will receive pay for all hours worked," Starbucks said.
Blue Yonder, a supply chain management software provider, disclosed last week that it had experienced a ransomware attack and was actively working to resolve the issue.
The attack disrupted the company's managed services hosted environment, impacting several of its high-profile clients.
Blue Yonder said it was investigating the incident with the help of external cybersecurity experts. Meanwhile, the company has implemented defensive and forensic protocols to limit the damage and assess the extent of the breach.
"The Blue Yonder team is working around the clock to respond to this incident and continues to make progress," the Arizona-based Panasonic subsidiary said.
While Blue Yonder has not provided a specific timeline for restoration, it has assured customers that its Azure public cloud environment remains secure.
"With respect to the Blue Yonder Azure public cloud environment, we are actively monitoring and currently do not see any suspicious activity," the company said.
The attack on Blue Yonder has impacted several other high-profile clients.
The company’s client roster includes heavyweights across various sectors. Its software is used by US grocery giants Albertsons and Kroger-parent companies of Safeway, Jewel-Osco, Ralph's, and Fred Meyer-as well as major manufacturers.
UK supermarket chains Morrisons and Sainsbury's have faced significant disruptions over the weekend.
Morrisons reported that the incident affected its warehouse management system for fresh food and produce. The company assured customers that it is operating on backup systems and is working to minimise disruption.
"We are currently operating satisfactorily on our backup systems and we're working very hard to deliver for our customers across the country," a Morrisons spokesperson said.
No group has claimed responsibility for the attack, and Blue Yonder has not disclosed what type of information may have been accessed during the incident.
The timing of the attack, just days before the Thanksgiving holiday in the US, is particularly concerning for the retail industry.
Earlier this month, Ahold Delhaize's US operations suffered a cyberattack, highlighting the growing threat of cyberattacks on essential services.
In September, luxury British department store Harvey Nichols disclosed that it had been the victim of a data breach that involved the compromise of sensitive data such as names, email addresses, phone numbers and home addresses.
Last year, high street clothing retailer JD Sports said it was hit by a cyberattack that could have affected up to 10 million online customers.