Software vendor Blue Yonder, which supplies supply chain management tools to major retailers worldwide, has been hit by a ransomware attack which has affected Starbucks and some UK supermarkets.
Blue Yonder confirmed on November 21 that it was experiencing disruptions to its managed services-hosted environment due to the attack.
Those disruption have extended to some of its major customers, with Starbucks’ employee schedules and payroll systems temporarily unavailable.
In the UK, Sainsbury’s and Morrisons, two of the country’s top six retailers, have also experienced some impact.
A Morrisons spokesperson told CNN, “We have reverted to a backup process but the outage has caused the smooth flow of goods to our stores to be impacted.”
Blue Yonder said it was investigating the attack with the help of external cybersecurity firms.
“At this point in time, we do not have a timeline for restoration,” the firm said on November 23.
Information on Ransomware.live shows that security firm Hudson Rock has observed infostealer data relating to one Blue Yonder employee and 44 of the firm’s customers’ staff.
Blue Yonder (formerly JDA Software) is an American supply chain management company founded in 1985.
It was acquired by Panasonic in 2021 and operates as an independent subsidiary. The company has an annual revenue of over $1.1bn and 6000 employees.
Other Blue Yonder customers include high-profile organizations like AB InBev, Asda, Bayer, Carlsberg, DHL, Marks & Spencer, Morrisons, Nestle, 3M, Tesco, Procter & Gamble, Renault and 7-Eleven.
Blue Yonder was contacted for comment by Infosecurity but did not respond at the time of publication. This article may be updated if new information becomes available or if the company provides a response.