Blue Yonder, a firm providing end-to-end supply chain management software, was the victim of a ransomware attack on 21st November 2024. The attack caused operational disruption to several of Blue Yonder’s global clients, including coffee chain Starbucks and UK supermarkets Sainsbury’s and Morrisons.
The breach highlights the significant risks posed by cyber-criminals targeting third-party software.
Breach Explained
Blue Yonder’s software solution leverages artificial intelligence and machine learning algorithms to help retailers track demand and optimise inventory. However, following a ransomware attack on 21st November, several of Blue Yonder’s software systems went offline, leaving several customers unable to operate as expected. The breach disrupted Morrisons’ warehouse management systems, while Sainsbury’s had to resort to contingency plans to keep operations moving. Furthermore, the attack disrupted Starbucks’s ability to manage employee schedules and payroll, affecting several of the coffee firm’s North American branches.
According to company updates, Blue Yonder is taking steps to resolve the ransomware incident quickly. It’s unclear if any customer data was compromised during the breach.
Key Takeaways
The incident underscores the vulnerabilities that third-party supplier breaches pose to organisations, especially in terms of operational disruptions. Nick Tausek, lead security automation architect at security company Swimlane, said, “The attack on Blue Yonder highlights the profound ripple effects that cyber-attacks on supply chain vendors can have on organisations. When such vendors become the target of an attack, the consequences can cascade across the supply chain, impacting a wide spread of businesses and customers.”
Attacks targeting supply chains are becoming more common. For instance, in 2023, a ransomware group hacked a third-party file transfer system called MOVEit, impacting thousands of firms, including British Airways, health care company Boots and the BBC.
Organisations should scrutinise the cyber-security risks posed by their supply chains and review their incident-detection protocols and business continuity plans to prevent disruptions and minimise losses in the event of a third-party breach.
For additional guidance and cyber-insurance solutions, contact us today.
Contains public sector information published by GOV.UK and licensed under the Open Government Licence v3.0.
The content of this publication is of general interest and is not intended to apply to specific circumstances or jurisdiction. It does not purport to be a comprehensive analysis of all matters relevant to its subject matter. The content should not, therefore, be regarded as constituting legal advice and not be relied upon as such. In relation to any particular problem which they may have, readers are advised to seek specific advice from their own legal counsel. Further, the law may have changed since first publication and the reader is cautioned accordingly. © 2024 Zywave, Inc. All rights reserved.
