Starbucks Targeted by Ransomware Attack via Third-Party Software Supplier
A ransomware attack on Blue Yonder, a crucial supply chain management software vendor, forced Starbucks to revert to manual methods for managing employee schedules and payroll.
The incident began on November 21, 2024, and has had no effect on customer service or retail operations.
As a result of the hack, store managers are now manually tracking staff hours.
The hack caused ripple effects across various industries:
- UK Retail Impact: Major British grocery companies Morrisons and Sainsbury's experienced disruptions to their warehouse management systems, but have installed backup systems.
- Corporate Response: Blue Yonder has hired external cybersecurity organizations to help with recovery operations and has installed protective mechanisms. The company has not specified a date for service restoration.
The event demonstrates the vulnerability of supply chain systems during the holiday season. Blue Yonder serves a large client base, including:
- 46 of the top 100 manufacturers
- 64 of the top 100 consumer product manufacturers
- 76 of the top 100 shops worldwide
This hack joins a long list of cybersecurity breaches involving large food service organizations. Earlier in 2024, both McDonald's and Panera experienced technological disruptions, with Panera's event leading to a class action lawsuit after employee data was exposed.
"We're working around the clock to respond to this situation and are making progress. There are no new changes to give regarding our restoration timeline following our post yesterday," according to the Blue Yonder report.
The timing of the attack is especially important, as research indicates that 86% of ransomware attacks target firms on holidays or weekends. Despite government efforts to prevent such operations, cybercriminals extracted $1.1 billion in ransom payments worldwide in 2023.
This disruption poses an extra difficulty for Starbucks' new CEO, Brian Niccol, who is already coping with three consecutive quarters of falling sales.
While the company tries to remedy the situation, it is prioritizing normal customer service operations and adequate staff pay.
Source: Cyber Security News