{"id":2037607,"date":"2024-11-26T10:37:56","date_gmt":"2024-11-26T15:37:56","guid":{"rendered":"https:\/\/securityboulevard.com\/?p=2037607"},"modified":"2024-11-26T10:37:56","modified_gmt":"2024-11-26T15:37:56","slug":"supply-chain-ransomware-attack-hits-starbucks-uk-grocers","status":"publish","type":"post","link":"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/","title":{"rendered":"Supply Chain Ransomware Attack Hits Starbucks, UK Grocers"},"content":{"rendered":"<p>Starbucks was among other corporations affected by a ransomware attack last week on managed services provider Blue Yonder, with the coffee chain giant saying it had to switch to manual operations for such tasks as employee scheduling and time tracking.<\/p>\n<p>The attack hasn\u2019t affected customer service, but it has put another spotlight on the ongoing <a href=\"https:\/\/securityboulevard.com\/2024\/07\/polyfill-supply-chain-richixb\/\" target=\"_blank\" rel=\"noopener\">threats to supply chains<\/a>.<\/p>\n<p>Blue Yonder, a subsidiary of Panasonic, claims more than 3,000 customers, with Starbucks being the highest-profile client to publicly talk about being impacted by the attack. Morrisons and Sainsbury\u2019s, two grocery chains in the UK and Blue Yonder customers, also were affected.<\/p>\n<p>According to industry news site The Grocer, Morrisons uses Blue Yonder\u2019s software for demand forecasting and replenishment operations for fresh produce and chilled foods. Since the ransomware attack, the company has been using its manual backup system.<\/p>\n<p>\u201cBlue Yonder, the supplier of our warehouse management systems, has suffered a significant outage,\u201d a Morrisons spokesperson <a href=\"https:\/\/www.thegrocer.co.uk\/news\/blue-yonder-software-hack-impacting-supermarket-supply-chains\/698211.article\" target=\"_blank\" rel=\"noopener\">told The Grocer<\/a>. \u201cWe have reverted to a back-up process but the outage has caused the smooth flow of goods to our stores to be impacted.\u201d<\/p>\n<p>Sainsbury\u2019s said it also is impacted by the attack, though added that it has procedures it\u2019s using to mitigate the effects.<\/p>\n<h3>Starbucks Goes Manual<\/h3>\n<p>For its part, a Starbucks spokesperson <a href=\"https:\/\/www.cnn.com\/2024\/11\/25\/tech\/starbucks-ransomware-attack\/index.html\" target=\"_blank\" rel=\"noopener\">told CNN<\/a> that the company is helping its stores with the manual workaround and added that all employees will be paid for the hours worked.<\/p>\n<p>It\u2019s unclear how many other Blue Yonder customers are feeling the affects of the attack, though a spokesperson with giant automaker Ford told CNN that the company \u201cis aware and is actively investigating if a cyber incident at a third-party supplier has any impact on our operations or systems.\u201d<\/p>\n<p>Blue Yonder executives in <a href=\"https:\/\/blueyonder.com\/customer-update\" target=\"_blank\" rel=\"noopener\">updates on its website<\/a> said the ransomware attack by an unknown group disrupted its managed services hosted environment and that the company is working with cybersecurity firms \u2013 including CrowdStrike, according to CNN sources \u2013 in the investigation and recovery processes.<\/p>\n<p>\u201cWe have implemented several defensive and forensic protocols,\u201d the company wrote. \u201cWith respect to the Blue Yonder Azure public cloud environment, we are actively monitoring and currently do not see any suspicious activity. The experts along with the Blue Yonder team are working on multiple recovery strategies and the investigation is ongoing.\u201d<\/p>\n<p>Subsequent updates said the company is making \u201csteady progress\u201d but that the company can\u2019t say when the service will be recovered.<\/p>\n<h3>Supply Chain at Risk<\/h3>\n<p>Attacks on software supply chains have risen sharply in recent years, with the attack on SolarWinds in 2020 putting the threat front and center. A threat group called Nobelium that was directed by the Russian Foreign Intelligence Service was able to inject malicious code into the software maker\u2019s Orion remote monitoring and management software, infecting customers that downloaded a software update.<\/p>\n<p>Since then, the number of supply chain attacks has grown. According to market research firm Statista, there were 694 supply chain attacks in 2020. Two years later, that number was 1,734, and <a href=\"https:\/\/www.statista.com\/statistics\/1367208\/us-annual-number-of-entities-impacted-supply-chain-attacks\/\" target=\"_blank\" rel=\"noopener\">last year it rose to 2,769<\/a>.<\/p>\n<p><a href=\"https:\/\/www.reversinglabs.com\/sscs-report?utm_source=google&amp;utm_medium=cpc&amp;utm_campaign=sscs&amp;utm_term=search&amp;utm_term=software%20supply%20chain%20security&amp;utm_campaign=Search_SSCS&amp;utm_source=google&amp;utm_medium=cpc&amp;hsa_acc=9845575402&amp;hsa_cam=20411336079&amp;hsa_grp=152983542938&amp;hsa_ad=696791995598&amp;hsa_src=g&amp;hsa_tgt=kwd-360047656502&amp;hsa_kw=software%20supply%20chain%20security&amp;hsa_mt=b&amp;hsa_net=adwords&amp;hsa_ver=3&amp;gad_source=1&amp;gclid=Cj0KCQiAgJa6BhCOARIsAMiL7V-txS2EfpuAdggmT2X1-W4tga5o_wGZYUq1d0oKc1rcKlWhUm5DzwEaAr5UEALw_wcB\" target=\"_blank\" rel=\"noopener\">In a report<\/a>, cybersecurity firm ReversingLabs said that the number of threats to the supply chain rose 1,300% over three years and that there were more than a dozen high-profile supply chain attacks in 2023, including the far-reaching attacks on Progress Software\u2019s MOVEit file transfer software by the Cl0p threat group that exposed the health care data of more than 62 million people around the world.<\/p>\n<h3>Threat to Software Makers, Users<\/h3>\n<p>\u201cThe lesson of these incidents is clear: Software supply chains represent the largest unaddressed attack surface lurking within businesses today, regardless of whether you are building or deploying software,\u201d ReversingLabs co-founder and CEO Mario Vuksan wrote in the report. \u201cAs threats to the software supply chain grow, they expose holes in the defenses used by software producers and consumers that are focused on open-source vulnerabilities.\u201d<\/p>\n<p>Typical application security testing and code-scanning tools aren\u2019t able to detect compromises in development processes that result in malicious modifications of sanctioned code, Vuksan wrote. At the same time, those companies buying and deploying software are used to assuming the integrity of signed updates from reputable vendors.<\/p>\n<p>\u201cToday, both software publishers are under pressure to answer a fundamental question: \u2018Are there any material risks inside by software,\u2019\u201d he wrote.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Coffee store giant Starbucks was among other organizations affected by a ransomware attack this month on cloud managed service provider Blue Yonder, a Panasonic subsidiary that has more than 3,000 customers. Two UK grocery chains also were impacted.  <\/p>\n","protected":false},"author":20461,"featured_media":1792073,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[230,23406,13571,21858,308,20984,23435,14089,14098,14097,98631,99462,99461,13418,21129],"tags":[1782,32511,31622],"class_list":["post-2037607","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-security","category-blogs","category-data-security","category-sb-featured","category-identity-access","category-incident-response","category-malware","category-network-security","category-sb-news","category-sb","category-social-facebook","category-social-linkedin","category-social-x","category-sb-spotlight","category-threats-breaches","tag-ransomware","tag-software-supply-chain-attack","tag-starbucks"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v23.9 (Yoast SEO v23.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Supply Chain Ransomware Attack Hits Starbucks, UK Grocers - Security Boulevard<\/title>\n<meta name=\"description\" content=\"Cloud managed service provider Blue Yonder, which has more than 3,000 customers, says it was hit with a ransomware attack this month.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Supply Chain Ransomware Attack Hits Starbucks, UK Grocers\" \/>\n<meta property=\"og:description\" content=\"Coffee store giant Starbucks was among other organizations affected by a ransomware attack this month on cloud managed service provider Blue Yonder, a Panasonic subsidiary that has more than 3,000 customers. Two UK grocery chains also were impacted.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Boulevard\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/groups\/24445075146\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-26T15:37:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"330\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jeffrey Burt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@securityblvd\" \/>\n<meta name=\"twitter:site\" content=\"@securityblvd\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/\",\"url\":\"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/\",\"name\":\"Supply Chain Ransomware Attack Hits Starbucks, UK Grocers - Security Boulevard\",\"isPartOf\":{\"@id\":\"https:\/\/securityboulevard.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg\",\"datePublished\":\"2024-11-26T15:37:56+00:00\",\"dateModified\":\"2024-11-26T15:37:56+00:00\",\"author\":{\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/f38bb7663c788778985274cf1b68758a\"},\"description\":\"Cloud managed service provider Blue Yonder, which has more than 3,000 customers, says it was hit with a ransomware attack this month.\",\"breadcrumb\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/#primaryimage\",\"url\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg\",\"contentUrl\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg\",\"width\":770,\"height\":330,\"caption\":\"supply, chain, Blue Yonder, secure, Checkmarx Abnormal Security cyberattack supply chain cybersecurity\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securityboulevard.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\/\/securityboulevard.com\/category\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cloud Security\",\"item\":\"https:\/\/securityboulevard.com\/category\/blogs\/cloud-security\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Supply Chain Ransomware Attack Hits Starbucks, UK Grocers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securityboulevard.com\/#website\",\"url\":\"https:\/\/securityboulevard.com\/\",\"name\":\"Security Boulevard\",\"description\":\"The Home of the Security Bloggers Network\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securityboulevard.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/f38bb7663c788778985274cf1b68758a\",\"name\":\"Jeffrey Burt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2023\/07\/cropped-Jeffrey-Burt-photo-96x96.jpg\",\"contentUrl\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2023\/07\/cropped-Jeffrey-Burt-photo-96x96.jpg\",\"caption\":\"Jeffrey Burt\"},\"description\":\"Jeffrey Burt has been a journalist for more than three decades, writing about technology since 2000. He\u2019s written for a variety of outlets, including eWEEK, The Next Platform, The Register, The New Stack, eSecurity Planet, and Channel Insider.\",\"url\":\"https:\/\/securityboulevard.com\/author\/jeffrey-burt\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Supply Chain Ransomware Attack Hits Starbucks, UK Grocers - Security Boulevard","description":"Cloud managed service provider Blue Yonder, which has more than 3,000 customers, says it was hit with a ransomware attack this month.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/","og_locale":"en_US","og_type":"article","og_title":"Supply Chain Ransomware Attack Hits Starbucks, UK Grocers","og_description":"Coffee store giant Starbucks was among other organizations affected by a ransomware attack this month on cloud managed service provider Blue Yonder, a Panasonic subsidiary that has more than 3,000 customers. Two UK grocery chains also were impacted.","og_url":"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/","og_site_name":"Security Boulevard","article_publisher":"https:\/\/www.facebook.com\/groups\/24445075146\/","article_published_time":"2024-11-26T15:37:56+00:00","og_image":[{"width":770,"height":330,"url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg","type":"image\/jpeg"}],"author":"Jeffrey Burt","twitter_card":"summary_large_image","twitter_creator":"@securityblvd","twitter_site":"@securityblvd","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/","url":"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/","name":"Supply Chain Ransomware Attack Hits Starbucks, UK Grocers - Security Boulevard","isPartOf":{"@id":"https:\/\/securityboulevard.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/#primaryimage"},"image":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/#primaryimage"},"thumbnailUrl":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg","datePublished":"2024-11-26T15:37:56+00:00","dateModified":"2024-11-26T15:37:56+00:00","author":{"@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/f38bb7663c788778985274cf1b68758a"},"description":"Cloud managed service provider Blue Yonder, which has more than 3,000 customers, says it was hit with a ransomware attack this month.","breadcrumb":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/#primaryimage","url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg","contentUrl":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg","width":770,"height":330,"caption":"supply, chain, Blue Yonder, secure, Checkmarx Abnormal Security cyberattack supply chain cybersecurity"},{"@type":"BreadcrumbList","@id":"https:\/\/securityboulevard.com\/2024\/11\/supply-chain-ransomware-attack-hits-starbucks-uk-grocers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securityboulevard.com\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/securityboulevard.com\/category\/blogs\/"},{"@type":"ListItem","position":3,"name":"Cloud Security","item":"https:\/\/securityboulevard.com\/category\/blogs\/cloud-security\/"},{"@type":"ListItem","position":4,"name":"Supply Chain Ransomware Attack Hits Starbucks, UK Grocers"}]},{"@type":"WebSite","@id":"https:\/\/securityboulevard.com\/#website","url":"https:\/\/securityboulevard.com\/","name":"Security Boulevard","description":"The Home of the Security Bloggers Network","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securityboulevard.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/f38bb7663c788778985274cf1b68758a","name":"Jeffrey Burt","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/image\/","url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2023\/07\/cropped-Jeffrey-Burt-photo-96x96.jpg","contentUrl":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2023\/07\/cropped-Jeffrey-Burt-photo-96x96.jpg","caption":"Jeffrey Burt"},"description":"Jeffrey Burt has been a journalist for more than three decades, writing about technology since 2000. He\u2019s written for a variety of outlets, including eWEEK, The Next Platform, The Register, The New Stack, eSecurity Planet, and Channel Insider.","url":"https:\/\/securityboulevard.com\/author\/jeffrey-burt\/"}]}},"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg","jetpack_shortlink":"https:\/\/wp.me\/p91vu9-8y4D","_links":{"self":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037607","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/users\/20461"}],"replies":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/comments?post=2037607"}],"version-history":[{"count":1,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037607\/revisions"}],"predecessor-version":[{"id":2037608,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037607\/revisions\/2037608"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/media\/1792073"}],"wp:attachment":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/media?parent=2037607"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/categories?post=2037607"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/tags?post=2037607"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}