CONFERENCE Cyber AI & Automation Summit - NOW LIVE
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Starbucks, Grocery Stores Hit by Blue Yonder Ransomware Attack

Supply chain management software provider Blue Yonder has been targeted in a ransomware attack that caused significant disruptions for some customers.

Software Supply Chain Attack

A ransomware attack on supply chain management software provider Blue Yonder has caused significant disruptions for some of the company’s customers, including several major firms. 

Arizona-based Blue Yonder revealed on November 21 that its managed services hosted environment had been experiencing disruptions due to a ransomware attack. 

The company immediately launched an investigation and started working on restoring impacted services. In the latest update shared on its website on November 24, Blue Yonder said it had been making steady progress, but did not have a timeline for fully restoring services. 

Blue Yonder said it hired a cybersecurity firm to assist its investigation and restoration efforts, but did not share any other information on the attack itself.

No known ransomware group appears to have taken credit for the attack. However, these types of cybercrime groups only name victims and leak data (if they have stolen any) if the victim refuses to pay up or negotiations stall. 

Blue Yonder provides an end-to-end supply chain platform and claims to have over 3,000 customers across 76 countries, including retailers, manufacturers and logistics services providers.

Several high-profile customers have confirmed being impacted by the service disruptions at Blue Yonder. One of them is Starbucks, which said the incident impacted its ability to pay baristas and manage employee schedules. 

In the UK, two of the biggest grocery store chains — Morrisons and Sainsbury’s — have been hit, according to The Grocer.

Advertisement. Scroll to continue reading.

Morrisons, which uses Blue Yonder solutions for warehouse management, has been using a manual backup system due to the outage. The supermarket said the incident has impacted deliveries from suppliers and the availability of some products. 

Sainsbury’s also confirmed being hit, but said it has procedures in place to mitigate the impact of the incident. 

According to CNN, Blue Yonder solutions are also used by US grocery chains, including Albertsons and Kroger, as well as other types of companies such as Ford, Procter & Gamble, and Anheuser-Busch, but it’s unclear if they have been impacted in any way.

Related: Polyfill Supply Chain Attack Hits Over 100k Websites 

Related: GitLoker Strikes Again: New “Goissue” Tool Targets GitHub Developers and Corporate Supply Chains

Related: Lottie-Player Supply Chain Attack Targets Cryptocurrency Wallets

Related: North Korean APT Exploited IE Zero-Day in Supply Chain Attack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Video platform Vimeo has appointed Ryan Weeks as Chief Information Security Officer.

LPL Financial has welcomed Renana Friedlich as Chief Information Security Officer.

SSH Communications Security has appointed Pauli Haikonen as the company’s Chief Information Security Officer (CISO).

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.