- Blue Yonder confirmed suffering a ransomware attack in November 2023
- Termite group claims responsibility, saying it stole sensitive information
- The company is now investigating the claims
A threat actor known as Termite has claimed responsibility for the recent cyberattack on supply chain firm Blue Yonder.
The group, thought to have only started its operations a few months ago, added the company on its data leak site, and detailed the files it allegedly stole in the ransomware attack.
”Our team got 680gb of data such as DB dumps Email lists for future attacks (over 16000) Documents (over 200000) Reports Insurance documents,” Termite said.
Starbucks, Sainsbury, and others all hit
In response to the reports, Blue Yonder said it is currently investigating the claims.
“After the recent ransomware attack, Blue Yonder worked with external cybersecurity firms and strengthened our defensive and forensic protocols. We have notified customers who were impacted by operational disruptions and have been working with them throughout the restoration process,” a spokesperson told BleepingComputer.
“We are aware that an unauthorized third party claims to have taken certain information from our systems. We are working diligently with external cybersecurity experts to address these claims. The investigation remains ongoing.”
Blue Yonder is a major provider of supply chain management, retail planning, and workforce solutions powered by artificial intelligence and machine learning. The ransomware attack greatly disrupted its services, and as a result, many of its customers have also had trouble operating.
The company has more than 3,000 clients around the world, including some of the biggest names out there – Coca-Cola Beverages Florida, Kimberly-Clark, and Bayer.
The ransomware attack greatly disrupted its services, and as a result, many of its customers have also had trouble operating, including Starbucks, as well as two major UK grocery stores – Morrisons, and Sainsbury.