Retailers struggle after ransomware attack on supply chain tech provider Blue Yonder

Avatar

A major technology provider for hundreds of large retailers is struggling to recover from a ransomware attack that began last Thursday. 

Blue Yonder — which provides systems for fulfillment, delivery and returns for more than 3,000 major companies across 76 countries — said last week that its managed services were disrupted, prompting the company to hire an external cybersecurity firm. 

The company provided updates on Saturday and Sunday, warning customers that the “Blue Yonder team is working around the clock to respond to this incident and continues to make progress.”

“Our investigation remains ongoing, but please know that our priority is to ensure a safe and secure recovery. At this point in time, we do not have a timeline for restoration,” the company said.

Blue Yonder did not respond to requests for comment about whether the hackers have identified themselves or if a ransom has been issued. 

Blue Yonder provides customers with AI-driven supply chain platforms and other tools to manage capacity, inventory and transport. It was purchased by Panasonic in 2021 for about $8.5 billion. 

Its customers range from supermarket chains like Morrisons to consumer goods companies like Amway, Anheuser-Busch, Dole and Gap. Other customers include Microsoft, Ford, Lenovo, Mitsubishi and Nestle. 

CNN was the first to report the incident on Saturday, noting that several U.K.-based grocery chains were forced to adopt contingency measures to deal with the ransomware attack on Blue Yonder. 

The Wall Street Journal added on Monday that Starbucks officials told them that the ransomware attack affected their ability to pay employees and manage schedules across thousands of stores in North America. 

This is the second attack affecting retailers ahead of the shopping holidays built around Thanksgiving. Dutch company Ahold Delhaize has continued to struggle after a cyberattack affected several of its subsidiaries, including Stop & Shop, Hannaford, Food Lion and Giant Food.

The company told Recorded Future News last week that its investigation is “ongoing” and that their teams “are taking steps to assess and mitigate the issue.” 

“We will continue to take actions to further protect our systems,” company officials said.

CybercrimeIndustryNewsNews BriefsTechnology
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

CISA Urges Agencies to Patch Critical “Array Networks” Flaw Amid Active Attacks

Next Post

New York fines Geico, Travelers $11 million for exposed driver’s license numbers

Related Posts

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. "The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities
Avatar
Read More