Blue Yonder’s Ransomware Attack Impacts Starbucks, Sainsbury, and More

• Supply chain software provider Blue Yonder announced on Friday that it suffered a ransomware attack that impacted its U.S. and U.K. clients.
• The outage affected the internal operations of Starbucks, Sainsbury, Morrisons, Albertsons, and Kroger.
• The attack has not been claimed yet, and the company is working towards restoring its operations.

Third-party software supplier Blue Yonder acknowledged a ransomware attack that disrupted its clients’ internal operations across the U.S. and then propagated to U.K. customers. The supply chain software provider disclosed last week that it experienced system outages due to the attack and is actively working to resolve the issue.

Blue Yonder supplies software solutions for supply chain management to U.S. and U.K. grocery stores and Fortune 500 firms as clients. The Arizona-based software firm was acquired by Panasonic in 2021.

“On November 21, 2024, Blue Yonder experienced disruptions to its managed services hosted environment, which was determined to be the result of a ransomware incident,” Blue Yonder said in an initial statement.

The company acknowledged the ransomware attack and stated that efforts are underway to investigate and mitigate the attack's impact while restoring normal operations.

The incident has interrupted Starbucks' ability to manage critical back-end operations, particularly employee scheduling and time-tracking processes. While the disruption does not affect customer-facing services, it has created challenges in payroll management, as reported by Reuters. 

Starbucks has assured its workforce that it is committed to ensuring all employees are compensated accurately and on time despite the instability.

The immediate impact was felt in the U.K., where two big grocery chains, Morrisons and Sainsbury, told CNN they were trying to mitigate the issues triggered by the outage.

Big U.S. grocery chains like Albertsons (the parent company of chains like Safeway and Jewel-Osco) and Kroger (the parent company of chains like Ralphs and Fred Meyer) are also Blue Yonder customers, as well as Proctor & Gamble and Anheuser-Busch, according to Blue Yonder press statements. 

Ransomware attacks on supply chain providers have the potential to create widespread havoc, disrupting not only the targeted vendors but also the businesses dependent on their software. Starbucks’ operations remain under scrutiny as Blue Yonder works towards a resolution. 

Meanwhile, Bitdefender released a free decryptor for the BitLocker-based ShrinkLocker Ransomware victims thanks to a flaw in the old-school ransomware that uses VBScript and a built-in Windows feature for encryption.