A ransomware attack on Blue Yonder, a US-based supply chain management software provider, has had serious repercussions for several UK retailers, including big names like Morrisons and Sainsbury’s. The incident started just before the weekend of November 23 and 24, impacting Blue Yonder’s managed services.
Blue Yonder has been active in addressing the situation. They’re collaborating with external cybersecurity firms and applying various recovery tactics. In a recent statement, they mentioned that they’re closely monitoring their Azure public cloud environment and haven’t detected any suspicious activity there. The team is working tirelessly on recovery strategies, although they haven’t provided a timeline for restoration.
As for the attackers, Blue Yonder hasn’t disclosed any information about who is behind the ransomware. Meanwhile, the ramifications are clear in the UK. Morrisons, which relies on Blue Yonder’s warehouse management systems, has reverted to backup processes, causing delays in getting goods to stores. They’ve reported disruptions in their supply chain and that suppliers are unable to fulfill deliveries. Sainsbury’s has also activated contingency plans to deal with the fallout.
Blue Yonder’s clients include major supermarket chains like Asda, Tesco, and Waitrose, as well as several consumer goods suppliers. Starbucks is another affected customer; their store managers have had to go back to manual processes since their workforce scheduling tools are down.
This attack comes at a particularly challenging time, just ahead of the holiday retail season and days before Thanksgiving in the US. Some experts believe the timing wasn’t coincidental. Dan Lattimer from Semperis pointed out that the hackers likely aimed to maximize disruption, knowing retailers would be under pressure to keep shelves stocked during the busy holiday period.
James McQuiggan from KnowBe4 highlighted that this incident underscores the importance of managing third-party risks. Organizations need to have solid incident response plans that address potential failures with third-party partners. He recommended that companies conduct simulations to better prepare staff for possible disruptions.
McQuiggan emphasized that while it’s impossible to predict every third-party failure, a culture of preparedness can help minimize the impact when issues arise. He also stressed that planning for business continuity is critical in a landscape where third-party disruptions can significantly affect operations.