November 26, 2024 at 04:52AM
Blue Yonder, a supply chain management software provider, suffered a ransomware attack causing significant disruptions for major clients, including Starbucks and UK grocery chains Morrisons and Sainsbury’s. The company is investigating and restoring services with the help of a cybersecurity firm, but no timeline for full restoration is available.
### Meeting Notes Takeaways
1. **Incident Overview**: Blue Yonder, a supply chain management software provider, experienced a ransomware attack affecting its managed services hosted environment, leading to significant disruptions for numerous customers, including major firms.
2. **Response Actions**:
– Blue Yonder initiated an investigation and restoration efforts immediately after discovering the attack.
– The company has engaged a cybersecurity firm for assistance in these efforts.
– As of November 24, progress has been made, but no clear timeline for complete service restoration has been provided.
3. **Impact on Customers**:
– High-profile customers affected include Starbucks, which faced issues with employee payments and scheduling.
– UK grocery chains Morrisons and Sainsbury’s are also impacted:
– **Morrisons** is using manual backup systems due to the outage, resulting in delays in supplier deliveries and product availability.
– **Sainsbury’s** confirmed they were affected but have implemented procedures to mitigate the impact.
4. **Customer Base**: Blue Yonder serves over 3,000 customers across 76 countries, including various sectors such as retail, manufacturing, and logistics.
5. **Unknown Ransomware Group**: No specific ransomware group has claimed responsibility for the attack. Typically, these groups publicly name victims and leak data only if negotiations fail.
6. **Other Potentially Affected Customers**: Reports indicate that other US grocery chains (Albertsons and Kroger) and companies like Ford, Procter & Gamble, and Anheuser-Busch utilize Blue Yonder’s solutions, though their status regarding impact is currently unclear.
7. **Further Investigation Needed**: Additional details about the attack and its implications may still emerge as Blue Yonder and the cybersecurity firm continue their investigations.
### Next Steps
– Monitor Blue Yonder’s updates for a clearer timeline on service restoration.
– Assess the impact on key customers and prepare for potential inquiries or concerns.
– Stay informed about the security landscape for any emerging information related to the attack.