A ransomware attack has resulted in an outage affecting US and UK grocery chains and other major companies. Blue Yonder, a major software supply chain company for huge brands, has been the subject of the attack.
The incident took place on November 21 and was seemingly still in progress days later on November 26.
“The Blue Yonder team is continuing to work around the clock, together with our external cybersecurity firms, to safely restore systems, resulting in steady progress,” a statement from the company on November 23 read. “Our investigation remains ongoing, but please know that our priority is to ensure a safe and secure recovery. At this point, we do not have a timeline for restoration.”
The service from the Arizona-based company that has been affected is a private cloud computing service, rather than its public cloud environment. Although the company hasn’t named which of its clients have been affected, it appears to be impacting supply chain issues for some recognizable brands.
Which companies have been affected by the Blue Yonder ransomware attack?
Two major supermarket chains in the UK, Morrisons and Sainsbury’s, have reported being affected by the attack.
“We have reverted to a backup process but the outage has caused the smooth flow of goods to our stores to be impacted,” said a spokesperson for Morrisons, a company with nearly 500 grocery stores across the UK.
A spokesperson for Sainsbury’s, another major UK grocery chain, also confirmed to CNN that it had “contingency processes in place” to deal with the Blue Yonder outage.
There’s no confirmed list of what other brands have been affected but other US grocery chains use Blue Yonder’s services, including Albertsons, which owns chains like Safeway and Jewel-Osco, and Kroger, the company behind brands like Ralphs and Fred Meyer.
Outside of grocery chains, Blue Yonder also counts Fortune 500 companies like Proctor & Gamble and Anheuser-Busch as its clients. Past ransomware attacks have resulted in major data leaks (although this doesn’t appear to be a risk in this case, with customer data seemingly not affected) pulling in billions of dollars in 2023.
Featured image: Wikimedia Commons, licensed under CC BY-SA 3.0