A customer holds a shopping basket as she browses the wine and beer section inside a Morrisons M Local store


A ransomware attack on Blue Yonder, one of the world’s largest supply chain software providers, is causing ongoing disruption to operations at a number of major U.S. and U.K. stores and retailers. 

Arizona-based Blue Yonder, which was acquired by Panasonic in 2021, said in a statement on its website on Friday that it had experienced disruptions to its managed services hosted environment, “which was determined to be the result of a ransomware incident.” 

The supply chain giant said it has been “working diligently” to recover from the incident, first reported by CNN, but added that as of Sunday, the company does “not have a timeline for restoration.”

Blue Yonder hasn’t said how many of its 3,000 corporate customers are affected by the incident, and representatives for the company did not respond to TechCrunch’s questions. 

However, two of the U.K.’s largest supermarkets confirmed to TechCrunch that they had experienced disruption as a result of the ransomware attack on Blue Yonder. 

Katherine Woodhouse, a spokesperson for Morrisons, which has almost 500 grocery stores across the U.K., said that the “outage” at Blue Yonder had affected its warehouse management systems for fresh and produce. “We are currently operating on our back up systems and we’re working very hard to deliver for our customers across the country,” said Morrisons’ spokesperson.

Sainsbury’s, which operates more than 2,300 supermarkets in the U.K., also confirmed to TechCrunch that its operations were hit, but said in a later statement on Monday that its services had since been restored.

Disruption has been felt in the United States, too. Starbucks confirmed to the Wall Street Journal that the ransomware attack had disrupted the organization’s ability to pay baristas and manage their schedules, forcing managers to manually calculate employees’ pay. 

Not all of Blue Yonder’s customers have faced downtime or disruption. Tesco, the largest supermarket chain in the U.K., and DHL Supply Chain, a division of German-based logistics giant DHL, both confirmed to TechCrunch that they were unaffected by the ransomware incident at Blue Yonder.

The ransomware attack has not yet been claimed by any major ransomware group and it’s not yet known if any customer data was stolen.

In its most recent update, posted Sunday, Blue Yonder said its investigation and restoration “remains ongoing.”

Leave a Reply

Your email address will not be published. Required fields are marked *