Nov 26, 2024 11:32:00

Ransomware attack on Panasonic subsidiary Blue Yonder disrupts Starbucks and other businesses, forcing employees to manually calculate payroll

Blue Yonder , a world-leading supply chain software developer that was acquired by Japan's Panasonic in September 2021, has been hit by a ransomware attack. As a result, it has become clear that the tools used for schedule management, inventory management, and other business operations at Sainsbury's, a major British supermarket chain, and Starbucks, a coffee chain that use Blue Yonder's services, are now unable to be used.

Starbucks, Other Retailers Hit by Ransomware Attack on Tech Provider - WSJ
https://www.wsj.com/articles/starbucks-other-retailers-hit-by-ransomware-attack-on-tech-provider-98314528

Ransomware Attack Targets Blue Yonder, Affecting Starbucks
https://www.pymnts.com/cybersecurity/2024/ransomware-attack-targets-supply-chain-management-software-provider-blue-yonder/

Starbucks forced to pay its baristas manually because of a ransomware attack on third-party software | CNN Business
https://edition.cnn.com/2024/11/25/tech/starbucks-ransomware-attack/

Blue Yonder ransomware attack disrupts grocery store supply chain
https://www.bleepingcomputer.com/news/security/blue-yonder-ransomware-attack-disrupts-grocery-store-supply-chain/

Ransomware Attack at Software Supplier Ensnares Starbucks, Grocery Chain | PCMag
https://www.pcmag.com/news/ransomware-attack-at-software-supplier-ensnares-starbucks-grocery-chain

Blue Yonder, one of the world's largest supply chain software providers, announced that it is working to restore services following disruptions to the systems it hosts for its customers on Monday, November 25, 2024 (local time). According to Blue Yonder, the company was hit by a cyber attack in the fourth week of November 2024. As a result of the attack, it is unclear when some services will be restored, but systems running on the public cloud have not been affected by the attack.

Blue Yonder spokesperson Marina Lenneke said, 'Since learning of the incident, Blue Yonder has been working with external cybersecurity firms to advance the recovery process. We have several defensive and forensic protocols in place. Blue Yonder also told CNN, 'We are working around the clock to respond to this incident,' revealing that they are working hard to recover.

It has also been revealed that the ransomware attack on Blue Yonder has affected approximately 11,000 Starbucks stores in North America. As a result of the ransomware attack, Starbucks is no longer able to pay employees or manage their schedules, and store managers are forced to calculate employee payroll manually.

Automaker

Ford Motor, which also uses Blue Yonder's technology, is 'investigating' how the ransomware attack has affected its operations.

Sainsbury's and Morrisons also use Blue Yonder's technology and appear to have been affected by the ransomware attack. Morrisons, which operates approximately 1,600 convenience stores and 500 supermarkets across the UK, revealed that the cyber attack affected its warehouse management system for fresh food and agricultural products. A Morrisons spokesperson told The Wall Street Journal, 'Our backup systems are operating without issue and we are fully committed to delivering to our customers across the country.'

Sainsbury's, which operates 600 supermarkets and more than 800 convenience stores across the UK, told The Wall Street Journal it was in 'close contact with Blue Yonder' and had implemented emergency response processes to keep operations running smoothly.

Blue Yonder's clients include grocery chains Kroger and Albertsons , consumer goods manufacturer Procter & Gamble , and retail pharmacy chain Walgreens . The Wall Street Journal reached out to these companies for comment but did not receive a response at the time of writing.

CNN reported that Blue Yonder hired the cybersecurity firm CrowdStrike to help it recover from the ransomware attack. CNN has reached out to CrowdStrike for comment but has not received a response at the time of writing.