Skip to main content
close search
site logo

Blue Yonder helps restore operations for majority of impacted customers

Starbucks regained access to its employee scheduling platform, while authorities continue to probe claims by a threat group.

Published Dec. 12, 2024
David Jones's headshot
Reporter
An image of a barista wearing green putting a pink drink into a bag
Blue Yonder worked with Starbucks to restore a scheduling platform that went down after the supply chain software provider was targeted in a ransomware attack. Permission granted by Grubhub/Starbucks

Blue Yonder said most customers have restored normal operations following a pre-Thanksgiving ransomware attack, however it will continue to work with others to get their platform back up and running. 

“A significant majority of our impacted customers have had their service restored,” a spokesperson for Blue Yonder told Cybersecurity Dive via email. “Our associates continue to work closely with our impacted customers on the restoration process and keep them updated as appropriate.”

The company is still investigating the Nov. 21 intrusion, which a group called Termite ransomware has claimed credit for on a leak site. Blue Yonder said it was aware of the claim and is working with law enforcement and external forensic experts to further investigate the attack. 

Starbucks on Wednesday confirmed that an employee scheduling platform backed by Blue Yonder technology was back in service. The coffee chain had to manually track barista hours to make sure employees were paid on time when the ransomware attack at Blue Yonder disrupted its operations.

Starbucks plans to remain vigilant over the next few weeks to make sure workers are paid accurately, according to a spokesperson. The company has not detailed exactly what happened during the attack, however it said the connections to Blue Yonder technology was disconnected during the attack as opposed to the hackers gaining direct access to Starbucks systems.

Blue Yonder provides supply chain technology to thousands of customers globally, including retailers, supermarket chains, logistics companies, manufacturers and others. Last week, U.K. supermarket chain Morrisons confirmed that services were restored after the company’s warehouse management system for fresh food and produce was disrupted during the attack. 

Filed Under: Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
Chemonics International Data Breach Investigation
From Migliaccio & Rathod LLP
December 04, 2024
Only Cynet Delivers 100% Protection and 100% Detection Visibility in the 2024 MITRE ATT&CK Eva…
From Cynet Security
December 11, 2024
Why Cybersecurity Leaders Trust the MITRE ATT&CK Evaluations
From Cynet Security
December 05, 2024
Migliaccio and Rathod Investigates Byte Federal Data Breach
From Migliaccio and Rathod
December 12, 2024
Editors' picks
Latest in Cyberattacks
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.