A ransomware attack against a supply chain manager has disrupted payroll and scheduling services for major international companies, including Starbucks and one of Britain’s largest grocery store chains.
Blue Yonder, an Arizona-based company that provides software for managing supply chains, reported last week that it experienced disruptions due to a ransomware incident. In a statement, the company confirmed the cyberattack and stated that it had engaged outside cybersecurity firms to assist in recovery efforts, though its systems remain affected.
The company emphasized that its team is working diligently to address the incident, but it has not provided a timeline for restoring services. Blue Yonder did not immediately respond to additional requests for comment.
Founded in 1985, Blue Yonder is known for its digital supply chain transformation solutions and serves over 3,000 clients using its A.I.-driven software for various business operations, including payroll and forecasting. However, the company has not disclosed which specific clients or services were impacted by the attack.
The ransomware incident has compelled Starbucks locations to revert to manual scheduling methods, and it has hindered the chain's ability to process employee payments, affecting around 11,000 stores in North America. A spokesperson for Starbucks assured that all employees would be compensated for hours worked and noted that customer service operations remained unaffected.
Morrisons, a major grocery chain in Britain, also confirmed that the cyberattack disrupted its warehouse management system for fresh produce. Other large retailers, such as Sainsbury’s, utilize Blue Yonder’s software and may face similar challenges.
Experts indicate that ransomware attacks are escalating in frequency and severity. This type of cybercrime involves hackers accessing internal systems and locking data until a ransom is paid. Victims of these attacks extend beyond large corporations, impacting hospitals and government agencies as well.
David Hall, a criminology professor at Leeds University, noted a significant increase in ransomware incidents, stating that the number of major attacks has risen from five per year in 2011 to approximately 20 to 25 per day currently.
Technological advancements have heightened the risks associated with such attacks, particularly for third-party service providers like Blue Yonder. Hall explained that breaches in these systems not only compromise the targeted company but also disrupt the daily operations of its clients.
Navigating significant ransomware attacks presents challenges, and as of now, no group has claimed responsibility for the Blue Yonder incident, which is unusual given the elapsed time since the attack began.