Supply chain technology provider Blue Yonder is steadily recovering from a ransomware attack that struck just before Thanksgiving, with several affected customers now back online, the company announced Sunday.
The November 21 cyberattack targeted Blue Yonder's managed services hosting environment, causing operational disruptions for major clients including Starbucks and British supermarket chain Morrisons.
"We are making good progress, and several impacted customers are now operational again," a Blue Yonder spokesperson stated. The company continues working directly with remaining affected clients to restore normal business functions.
Morrisons, which operates approximately 500 stores across the United Kingdom, experienced warehouse management system outages affecting fresh food and produce operations. While some product availability issues persist in certain locations, the supermarket chain reports substantial improvements and effective backup system performance.
The attack forced Starbucks to switch to manual processes for employee time tracking after losing access to their internal workforce management platform. However, the coffee giant maintained employee payment schedules through alternative methods.
Not all Blue Yonder clients felt the impact - logistics company DHL confirmed it experienced no direct effects from the incident. Blue Yonder also clarified that its Azure public cloud environment remained uncompromised throughout the attack.
The timing of the breach raised particular concerns given its proximity to the holiday shopping season. Recent data from Sophos reveals that 45% of retail organizations faced ransomware attacks in 2024, primarily due to security vulnerabilities.
While Blue Yonder continues its recovery efforts, cybersecurity experts note that supply chain attacks place substantial pressure on impacted organizations and their downstream customers, who often have limited options while waiting for systems to be restored.