A ransomware attack against a major supply chain technology provider left retailers including Starbucks and U.K. grocery chain Sainsbury’s scrambling to manage operations including scheduling and handling inventories.
Blue Yonder, one of the world’s largest supply chain software providers, said Monday it was working to restore services after the attack last week disrupted systems it hosts for customers.
Blue Yonder said it didn’t have a timeline for when services would be restored. The company said the attack didn’t affect systems that run on public cloud-based platforms.
Starbucks said Monday the ransomware attack affected company-owned stores in its network of around 11,000 sites in North America. It disrupted the coffee chain’s ability to pay baristas and manage their schedules, leaving cafe managers to manually calculate employees’ pay.
Starbucks for now is paying employees for their scheduled shifts, meaning they could be overpaid or underpaid depending on the hours actually worked. The company said it would ensure baristas are eventually paid for all hours worked.
Automaker Ford Motor said it uses Blue Yonder technology and was investigating whether the outage affected its operations.
Sainsbury’s and Morrisons, two of the U.K.’s largest grocery chains, said they have turned to backup plans to keep operations running.
Morrisons, which has about 1,600 convenience stores and 500 supermarkets across the U.K., said the outage affected its warehouse management systems for fresh foods and produce. “We are currently operating satisfactorily on our backup systems and we’re working very hard to deliver for our customers across the country,” a spokesperson for Morrisons said.
Sainsbury’s, which has 600 supermarkets and more than 800 convenience stores across the U.K., said it is in “close contact” with Blue Yonder and has put contingency processes in place.
Blue Yonder, owned by Japanese conglomerate Panasonic, makes software for retail companies and manufacturers to oversee operations from managing warehouses and transportation to handling returns. Its customers have included grocery giants Kroger and Albertsons, consumer-goods supplier Procter & Gamble and retail pharmacy chain Walgreens. Those companies didn’t respond to requests for comment Monday.
The disruptions at Sainsbury’s and Morrisons were reported earlier by CNN.
The incident is the latest cyberattack to disrupt grocery supply chains this month as companies prepare for the busy holiday shopping season.
Dutch supermarket conglomerate Ahold Delhaize, which owns Stop & Shop, Food Lion, Hannaford and other grocery chains, on Nov. 8 reported a “cybersecurity issue” within its U.S. network. The incident caused nearly two weeks of product shortages at Stop & Shop stores across the Northeast U.S.
