A ransomware attack targeting Blue Yonder, a prominent supply chain management software provider, has disrupted payroll and scheduling services for several high-profile international companies, including Starbucks and UK-based grocery chains like Morrisons.
Blue Yonder, headquartered in Arizona, provides AI-driven supply chain solutions to over 3,000 clients worldwide. Last week, the company confirmed a ransomware incident had caused disruptions in its managed services hosted environment. The company has engaged external cybersecurity experts to help resolve the issue but has not yet provided a timeline for full service restoration.
“The Blue Yonder team is working around the clock to respond to this incident and continues to make progress,” the company said in a Sunday update.
However, Blue Yonder has not disclosed which clients have been affected, nor have they responded to requests for additional comments.
The attack has significantly affected Starbucks’ operations, forcing about 11,000 stores across North America to manage employee schedules manually using pen and paper. Payroll services have also been disrupted, though Starbucks spokesperson Jaci Anderson assured employees they would be paid for all hours worked. Anderson added that customer service remains unaffected by the incident.
In the UK, Morrisons, one of the country’s largest grocery chains, reported disruptions to its warehouse management system for fresh produce. Another major British retailer, Sainsbury’s, which also relies on Blue Yonder’s software, may be similarly impacted.
Ransomware attacks, where hackers infiltrate systems and lock data until a ransom is paid, are becoming increasingly frequent and severe. David Hall, a criminology professor at Leeds University, highlighted the growing scale of these attacks.
“We were getting five major ones a year back in 2011, now we’re getting 20, 25 major ones a day,” Hall said.
Experts warn that attacks on third-party service providers like Blue Yonder pose heightened risks, as they can disrupt operations across multiple businesses. Notably, no group has yet claimed responsibility for this attack, which is unusual given the time elapsed since the breach was first detected.
Ransomware attacks have evolved into a significant global threat, affecting not only corporations but also hospitals, schools, and government agencies. The Blue Yonder incident underscores the vulnerabilities in modern supply chain management and the potential cascading effects when service providers are targeted.
