On 21 November, global supply chain software provider Blue Yonder suffered a ransomware attack, causing significant disruption to its managed services environment. The incident has had widespread repercussions for the company’s clients, which include major names such as Morrisons, Sainsbury’s, and Starbucks, highlighting the vulnerabilities in interconnected supply chain networks.

Based in Arizona, Blue Yonder is a leading provider of AI-driven supply chain solutions, supporting businesses with planning, fulfilment, delivery, and returns. Established in 1985, the firm serves over 3,000 clients across 76 countries, primarily within the retail, manufacturing, and logistics sectors. In a statement following the attack, Blue Yonder confirmed that external cybersecurity experts were assisting with their recovery efforts. While progress is being made, the company has yet to provide a timeline for full restoration.

The fallout has been felt keenly by major supermarkets and FMCG suppliers in the UK and US. Starbucks reported disruptions to staff payment and scheduling systems due to backend issues, while UK retailers such as Sainsbury’s and Morrisons also faced operational challenges. Sainsbury’s assured that contingency plans were in place, but customers reported gaps in Morrisons’ shelves, prompting frustration on social media. Morrisons clarified that frozen and ambient products were unaffected and that backup systems were ensuring continuity.

With the Christmas trading season underway, the timing of the attack has amplified its impact. Blue Yonder’s UK clients, including Tesco, Waitrose, and Asda, are also closely monitoring developments. The situation underscores the critical need for robust cybersecurity measures to protect supply chain infrastructure, which is essential to ensuring reliable service for businesses and customers alike.