Ransomware Attack on Blue Yonder Cripples Major Retail Supply Chains

Blue Yonder Group Inc., a major supply chain management software provider owned by Panasonic Corp., fell victim to a ransomware attack on November 21, causing widespread disruptions to retail and grocery operations across the United States and United Kingdom.

The cyberattack has severely impacted Blue Yonder's managed services hosted environment, affecting major U.S. retailers including Starbucks, which has been forced to resort to pen and paper for employee scheduling and payroll management. Other potentially affected customers include retail giants Albertsons, Kroger, Procter & Gamble, and Anheuser-Busch.

In the UK, leading grocery chains Morrisons and Sainsbury's reported disruptions to their warehouse management systems, though they have activated backup systems to maintain operations. Morrisons specifically noted that the outage has impacted the flow of fresh food and produce to stores.

Blue Yonder has taken an unusually transparent approach to the incident, openly acknowledging the ransomware attack and providing regular updates. The company has engaged external cybersecurity firms to investigate and restore systems, though no timeline for full service restoration has been announced.

The attack highlights the growing vulnerability of supply chain networks to cyber threats. According to Steve Cobb, Chief Information Security Officer at SecurityScorecard Inc., supply chain ecosystems are particularly attractive targets for ransomware groups due to their access to sensitive data and broad attack surface.

The timing of the attack is particularly concerning as it coincides with the busy Thanksgiving holiday period in the United States, a peak season for retail and grocery operations. While Blue Yonder continues to monitor its Azure public cloud environment, the company reports no suspicious activity in that infrastructure.

As investigations continue, the identity of the attackers and the specific ransomware variant used remain undisclosed. Blue Yonder maintains that its priority is ensuring a secure recovery while keeping affected customers informed of developments.