Starbucks confirmed the ransomware attack against Blue Yonder has disrupted a platform the company uses to manage employee schedules and track hours worked, the coffee chain said Monday. However, Starbucks plans to take whatever steps are necessary to make sure employees are paid.
On Friday, Blue Yonder disclosed a ransomware attack that disrupted services at the Arizona-based software firm. Blue Yonder provides supply chain management software to thousands of firms across the globe, including major grocers and other retailers in the U.S. and U.K.
Starbucks is working closely with the vendor to get a resolution to the platform disruption, a spokesperson said. However, store leaders and partners have been provided guidance on how to keep track of that information manually.
The priority is “keeping our partners whole” and making sure they get paid throughout the outage, the company said.
The attack has not impacted customer service at Starbucks, so mobile orders and in store operations are working as normal, according to the firm.
Blue Yonder is working with outside forensic experts to investigate the cause of the ransomware incident, which was discovered on Thursday. The company has not provided an estimated time to restore normal operations.
John Donigian, senior director of supply chain strategy at Moody’s, said the attack underscores just how critical these technologies are to global supply chain management.
“When these systems go offline, essential workflows — such as inventory management, demand forecasting, warehouse management and transportation planning — are disrupted, bringing entire supply chains to a standstill,” Donigian said via email. “This incident highlights the indispensable role such technologies play in industries from retail to logistics and beyond.”
In the c-store space, Blue Yonder is used by retailers like Jacksons Food Stores and RaceTrac, as well as suppliers like Core-Mark. There is no indication of whether these companies have been impacted by the attack.
As previously reported, Morrisons, a U.K.-based supermarket, said the cyberattack impacted its warehouse management system for fresh produce.
Jonathan Braley, director of the Food and Ag-ISAC, said Blue Yonder provides software solutions for many companies in the food and agriculture sector, particularly companies that handle transportation and warehouse management.
“While ransomware attacks like the one against JBS Foods three years ago highlighted the vulnerability of the food and agriculture supply chain, it also showed how resilient the sector is, as companies were able to access business continuity plans to ensure continued product delivery,” Braley said via email.