Starbucks and Grocery Stores Face Disruption after Ransomware Attack on Blue Yonder

Written by

Software vendor Blue Yonder, which supplies supply chain management tools to major retailers worldwide, has been hit by a ransomware attack which has affected Starbucks and some UK supermarkets.

Blue Yonder confirmed on November 21 that it was experiencing disruptions to its managed services-hosted environment due to the attack.

Those disruption have extended to some of its major customers, with Starbucks’ employee schedules and payroll systems temporarily unavailable.

In the UK, Sainsbury’s and Morrisons, two of the country’s top six retailers, have also experienced some impact.

A Morrisons spokesperson told CNN, “We have reverted to a backup process but the outage has caused the smooth flow of goods to our stores to be impacted.”

No Restoration Timeline Yet

Blue Yonder said it was "working around the clock to respond to this incident" and had started investigating the attack with the help of external cybersecurity firms.

“At this point in time, we do not have a timeline for restoration,” the firm said on November 23 and again on Novemeber 24.

Information on Ransomware.live shows that security firm Hudson Rock has observed infostealer data relating to one Blue Yonder employee and 44 of the firm’s customers’ staff.

Michael Smith, CTO of cloud security provider Vercara, commented: "A service outage such as a ransomware attack disrupts this dependency chain in ways that we don't expect. While we should have Service level agreements (SLAs), they are applied after the service interruption and are not a preventative measure. We reached a point a couple of years ago where ransomware gangs realized that their primary targets were reasonably well defended.  They shifted focus to service providers as a proxy for all of their customers. And because service providers have multiple customers and a ransomware incident penalizes them with SLAs, they are more likely to pay a ransom."

Blue Yonder's High-Profile Customer Portfolio

Blue Yonder (formerly JDA Software) is an American supply chain management company founded in 1985 with several Fortune 500 customers.

It was acquired by Panasonic in 2021 and operates as an independent subsidiary. The company has an annual revenue of over $1.1bn and 6000 employees.

Other Blue Yonder customers include high-profile organizations like AB InBev, Asda, Bayer, Carlsberg, DHL, Marks & Spencer, Morrisons, Nestle, 3M, Tesco, Procter & Gamble, Renault and 7-Eleven.

Blue Yonder was contacted for comment by Infosecurity but did not respond at the time of publication. This article may be updated if new information becomes available or if the company provides a response.

What’s hot on Infosecurity Magazine?