Starbucks, grocery stores impacted by Blue Yonder ransomware attack
Supply chain management SaaS vendor Blue Yonder announced on November 21 that it experienced a ransomware attack that impacted its managed services hosted environment.
“Since learning of the incident, the Blue Yonder team has been working diligently together with external cybersecurity firms to make progress in their recovery process. We have implemented several defensive and forensic protocols,” the company said.
“With respect to the Blue Yonder Azure public cloud environment, we are actively monitoring and currently do not see any suspicious activity.”
The company has 3,000+ customers across 76 countries. The incident has substantially disrupted several of the company’s customers, including large firms.
A Starbucks spokesperson told CNN that the attack is forcing the coffee chain to revert to manual processes to ensure its employees are paid.
Several major U.S. grocery chains rely on Blue Yonder, including Albertsons, the parent company of Safeway and Jewel-Osco, and Kroger, which owns Ralphs and Fred Meyer.
In the latest update shared on November 24, Blue Yonder said they are working around the clock to respond to this incident and continue to make progress.
Read more:
- Cybercriminals turn to pen testers to test ransomware efficiency
- Ransomware activity shows no signs of slowing down
UPDATE (December 9, 2024, 11:10 a.m. ET):
The relatively new Termite ransomware group has claimed the Blue Yonder breach.
“We are aware that an unauthorized third party claims to have taken certain information from our systems. We are working diligently with external cybersecurity experts to address these claims. The investigation remains ongoing,” the company said on Friday.