- Blue Yonder confirmed suffering a ransomware attack
- Several of its customers came forward, saying they were affected, too
- At press time, the company was still working on restoring services
Supply chain management giant Blue Yonder has confirmed suffering a ransomware attack that greatly disrupted its services – and as a result, many of its customers have also had trouble operating.
A short announcement published on the company’s website on November 22 said a day before, it HAD “experienced disruptions to its managed services hosted environment”. Subsequent investigation confirmed that it was a ransomware attack.
“Since learning of the incident, the Blue Yonder team has been working diligently together with external cybersecurity firms to make progress in their recovery process. We have implemented several defensive and forensic protocols,” the announcement reads. “With respect to the Blue Yonder Azure public cloud environment, we are actively monitoring and currently do not see any suspicious activity.”
Hitting Starbucks
Newer updates do not share any meaningful information, however multiple media publications have uncovered how the attack affected the company’s clients.
Blue Yonder is a leading supply chain management, logistics, and retail software company that uses AI and machine learning to optimize operations and improve decision-making. According to BleepingComputer, it has more than 3,000 clients around the world, including some of the biggest names out there – Coca-Cola Beverages Florida, Kimberly-Clark, and Bayer.
As per a CNN report, Starbucks is one of the companies feeling the effects of the ransomware attack. Allegedly, the coffee chain uses Blue Yonder to track and manage its baristas’ schedules. Furthermore, two of the four biggest grocery chains in the UK – Morrisons, and Sainsbury, also confirmed being affected by the attack.
At press time, Blue Yonder was still working on restoring its services. So far, no threat actors have come forward to claim responsibility for the attack, so we don’t know who the attackers were, or how much money they are asking in exchange for the decryption key. Finally, we don’t know if Blue Yonder lost any company, or customer data in the process.