Blue Yonder Ransomware Attack Disrupts Grocery Store Supply Chain

Blue Yonder, a major software supply chain company serving U.S. and U.K. grocery chains as well as Fortune 500 firms, reported a ransomware attack at the end of November.

The Arizona-based software provider, acquired by Panasonic in 2021, confirmed that the attack impacted private cloud computing service used by some clients, though its public cloud environment was unaffected.

Blue Yonder declined to specify which clients were affected, however internal communications reviewed by CNN indicate the company is working with U.S.-based clients to mitigate the impact.

In a public statement, the company said: “On November 21, 2024, Blue Yonder experienced disruptions to its managed services hosted environment, which was determined to be the result of a ransomware incident.” An updated statement then went on to say there was “steady progress” in recovery efforts but acknowledged that no timeline for full restoration was available.

The outage has already disrupted operations in the U.K., where two of the four largest grocery chains confirmed they were affected.

Morrisons, which operates nearly 500 stores, said the attack had disrupted the smooth flow of goods to its locations, forcing the company to rely on backup processes. A spokesperson stated, “We have reverted to a backup process but the outage has caused the smooth flow of goods to our stores to be impacted.”

Sainsbury’s, another major U.K. grocery chain, reported that it had implemented contingency plans to manage the disruption caused by the Blue Yonder outage.

Some of the biggest U.S. grocery chains use Blue Yonder, including Albertsons — the parent company of chains like Safeway and Jewel-Osco — and Kroger, the parent company of chains like Ralphs and Fred Meyer.