Updated November 27, 2024: This article, originally published on November 26, now includes more information from Starbucks as well as security experts regarding the broader implications of the Blue Yonder ransomware attack.
A cyberattack, confirmed to be ransomwareagainst AI-powered supply chain platform Blue Yonder has wider impacts on both sides of the Atlantic: Starbucks in the US would be affected as would at least two of the big four UK supermarket chains. Here’s what we know so far.
Blue Yonder Falls victim of ransomware: Retailers feeling the heat
Blue Yonder describes itself as a global leader in digital supply chain transformation with an AI-powered platform that facilitates everything from fulfillment to delivery logistics. When a global player in the retail supply chain is hit by ransomware, you can be sure that the repercussions will ripple across both sides of the Atlantic, and that’s the case with a cyberattack confirmed by Blue Yonder as having taken place on November 21. “Blue Yonder experienced disruptions to its hosted managed services environment, which were determined to be the result of a ransomware incident,” an official statement said. “Our investigation is still ongoing, but please know that our priority is ensuring a safe and secure recovery. At this time we do not have a restoration schedule. » Blue Yonder’s last situation update was issued on November 24 and indicated that the response to the incident continued to progress but that it was still unable to confirm a timeline for the full restoration of the service.
Reuters has reported that Starbucks was affected by the Blue Yonder ransomware attack, impacting barista scheduling and payment management as a back-end process was disrupted. A Starbucks spokesperson told Reuters that the incident “does not impact its customer service and that the company was working to ensure its employees were fully paid for their hours worked, with disruptions or limited deviations.
I contacted Starbucks for more information and a spokesperson, who did not want to be quoted directly, told me that Starbucks was working as quickly as possible to ensure that all employees were fully paid for their hours worked and without interruption or deviation to the best of its possibilities. Indeed, Blue Yonder has provided a back-end Starbucks process that allows the employee scheduling platform to track hours worked and also allow those employees to view and manage their schedules. The Starbucks spokesperson told me that it was able to process payroll as planned and that the company had the necessary features to ensure that those scheduled to work on Thanksgiving received holiday pay as expected. Starbucks wanted to clarify that the Blue Yonder incident had no direct impact on customers and that its stores were open and serving coffee as usual.
Ransomware cleanup in the UK
Two of the UK’s big four supermarket chains, Morrisons and Sainsbury’s, are also believed to have been affected by the Blue Yonder ransomware attack.
Meanwhile, a spokesperson for Sainsbury’s told the same trade publication that it was “in close contact with Blue Yonder and could reassure our customers that emergency measures were in place”.
“The recent ransomware attack on Blue Yonder highlights the importance of having predetermined security measures in place within supply chains,” said Jake Moore, Global Cybersecurity Advisor at ESET. supply chain networks, including all those of third party suppliers. Moore said standard security protocols such as regular software updates, staff training and strict access controls “are often overlooked but fall directly into the hands of supply chain attackers.” By proactively addressing known attack entry points,” he concluded, “enterprises have a much better solution. chance of resilience in the face of such threats. »
This is a developing story, which I will return to as more updates on the continued impact and recovery from the ransomware attack become available.