A ransomware attack on Blue Yonder, a third-party scheduling software provider, has disrupted Starbucks’ ability to manage employee schedules, forcing the coffee giant to process payments manually. Starbucks assured employees they would be paid accurately for all hours worked, despite the outage.
Blue Yonder, an Arizona-based cloud services provider, serves major multinational corporations, including Starbucks, grocery chains, and automakers like Ford. While Blue Yonder has not disclosed the full list of affected clients, the incident underscores the risks businesses face from third-party software dependencies. The company is working with cybersecurity firm CrowdStrike to recover from the hack.
Ransomware attacks, which lock systems until a ransom is paid, have surged, with hackers extorting a record $1.1 billion globally in 2023, according to crypto-tracking firm Chainalysis. The holiday season poses heightened risks as companies are under pressure to fulfill orders. Cybersecurity firm Semperis found that 86% of surveyed organizations targeted by ransomware were attacked on holidays or weekends.
This incident adds to challenges for Starbucks CEO Brian Niccol, who is contending with declining sales and now a significant operational disruption. Blue Yonder stated it is “working around the clock” to mitigate the impacts of the attack.