Supply chain technology provider Blue Yonder is steadily restoring operations following a ransomware attack that disrupted key customers, including Morrisons and Starbucks.
Progress in Recovery Efforts
Blue Yonder, a leading Arizona-based supply chain technology company, is making strides toward full recovery after a ransomware attack on November 21 targeted its managed services hosted environment. The attack, which occurred just before Thanksgiving, caused operational disruptions for major clients such as U.K. supermarket chain Morrisons and global coffee giant Starbucks.
A Blue Yonder spokesperson confirmed that several affected customers have resumed operations, with efforts ongoing to restore normalcy for others. Morrisons, which operates around 500 stores in the U.K., experienced outages in its warehouse management systems for fresh food and produce. However, the retailer reported significant improvements, stating, “We are recovering quickly, and our backup system is working well.” While some supermarkets still face product availability issues, the chain remains optimistic about its progress.
Starbucks, on the other hand, faced disruptions in its internal platform used to track employee hours. The company temporarily reverted to manual processes to ensure workers were paid, though further updates were unavailable at the time of reporting. Meanwhile, other Blue Yonder clients, such as DHL, reported no direct impact from the attack.
Rising Threats to Supply Chain Security
The attack underscores the growing vulnerability of supply chain systems, particularly during critical retail periods like Thanksgiving and Black Friday. Sophos data reveals that 45% of retail organizations faced ransomware attacks in 2024, often due to exploited system vulnerabilities. Peter Mackenzie, director of incident response at Sophos, highlighted the significant pressure such attacks place on affected organizations, leaving them with limited options during remediation.
In response to these escalating threats, the National Retail Federation (NRF), in collaboration with The Chertoff Group, released a supply chain risk management guide in mid-November. The guide aims to help retailers safeguard their inventory and operations amid an increasingly complex cybersecurity landscape. Danielle Inman, senior director of media relations at the NRF, emphasized the importance of addressing third-party risks, which are becoming a critical challenge for organizations.
A Wake-Up Call for Supply Chain Leaders
This incident serves as a stark reminder for supply chain leaders to prioritize cybersecurity measures and third-party risk management. As ransomware attacks grow more sophisticated, businesses must invest in robust systems and contingency plans to mitigate disruptions. With the holiday season in full swing, the resilience of supply chain operations will be tested, making proactive security strategies more crucial than ever.
