Ransomware attack on Blue Yonder hits Starbucks and supermarkets around the world


  • Blue Yonder confirmed it was the victim of a ransomware attack
  • Several customers came forward saying they too were affected
  • At the time of writing, the company was still in the process of restoring service

Supply chain management giant Blue Yonder has confirmed that it has suffered a ransomware attack that has severely disrupted its services – and as a result, many of its customers have also had issues functioning.

A brief announcement published on the company’s website on November 22 said it had “experienced outages in the hosted environment of its managed services” a day earlier. Further investigation revealed that it was a ransomware attack.

“Since learning of the incident, the Blue Yonder team has been working diligently with third-party cybersecurity companies to make progress in their recovery process. We have implemented several defensive and forensic protocols,” the announcement reads. “With regard to the Blue Yonder Azure public cloud environment, we are actively monitoring and are currently not seeing any suspicious activity.”

Hitting Starbucks

Newer updates do not share meaningful information, but multiple media publications have revealed how the attack affected the company’s customers.

Blue Yonder is a leading supply chain management, logistics and retail software company that uses AI and machine learning to optimize operations and improve decision making. According to BleepingComputerit has more than 3,000 customers around the world, including some of the biggest names around: Coca-Cola Beverages Florida, Kimberly-Clark and Bayer.

According to one CNN reportStarbucks is one of the companies feeling the effects of the ransomware attack. The coffee chain is reportedly using Blue Yonder to track and manage the schedules of its baristas. In addition, two of Britain’s four largest supermarket chains – Morrisons and Sainsbury – also confirmed they had been affected by the attack.

At the time of writing, Blue Yonder was still in the process of restoring its services. So far, no threat actors have come forward to claim responsibility for the attack, so we don’t know who the attackers were, or how much money they are asking for in exchange for the decryption key. Finally, we do not know whether Blue Yonder has lost company or customer data.

You might also like it

Related Post