Starbucks is grappling with the aftermath of a ransomware attack that targeted Blue Yonder, a supply chain management software provider owned by Panasonic. The breach, which occurred on November 21, has disrupted Starbucks’ ability to track employee schedules and hours across its U.S. and Canadian stores. Although store operations remain unaffected, the company has reverted to manual scheduling using pen and paper.
To ensure timely payment, Starbucks is compensating employees based on scheduled shifts rather than actual hours worked for the week of November 18. However, the company has acknowledged potential discrepancies caused by sick leave or extra shifts not logged in the affected system. While Starbucks has not received a clear recovery timeline from Blue Yonder, it is preparing contingency plans to maintain payroll accuracy in case the issue persists.
Blue Yonder confirmed the incident and stated it is collaborating with cybersecurity experts to resolve the issue. The attack has also impacted other Blue Yonder customers, including some UK grocery chains like Morrisons and Asda, though disruptions vary depending on backup system availability.
This incident underscores the vulnerability of interconnected digital supply chain systems to cyber threats, particularly ransomware, and highlights the importance of robust contingency planning.