Starbucks has gone back to pen and paper after vendor ransomware attack

News
By published

Coffee giant forced to go analogue to track employee pay

Starbucks Store
(Image credit: oberaichwald / Pixabay)
  • Starbucks stores are using pen and paper to track employee hours after attack
  • Third-party Vendor Blue Yonder hit with ransomware attack
  • Retail stores in the UK and US affected

Starbucks may be the largest coffee chain in the world, but many of its stores have been forced to manually track employee’s schedules and payroll after a third party supply chain vendor was hit by a ransomware attack.

Blue Yonder confirmed it was the victim of a ransomware attack, and services are still being severely disrupted, with the company confirming it is “working around the clock to respond to this incident”.

The list of affected stores is growing, with UK retail giants Sainsbury’s and Morrisons also both reporting disruption. The stores have affirmed that backup processes and contingency plans are in place, so the impact on customers should be minimal.

Third party risks

It’s not yet clear exactly what the effects of the hack will be, and the extent of the disruption is yet to be seen. Ransomware is a costly business, with the average demand over $5 million in the first half of 2024.

Ransomware attacks are on the rise across the globe, and increasingly digital operations mean many companies are reliant on third party vendors, which can put companies at risk even if their own cybersecurity is airtight.

The risks can be mitigated by thoroughly assessing third party vendors and by ensuring contingency plans are in place, and CISOs are encouraged to collaborate with their peers in the industry to foster strong relationships.

"The Blue Yonder incident reminds all organizations that focusing only on the security and resilience of systems under your direct control is no longer an option.” said Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity.

“Dependencies run deep and broad in the supply chain, so it is essential that all suppliers are thoroughly vetted on an ongoing basis, and that contingency plans are in place before going live with any major third-party solution.“

Via CNN

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

Read more
Ransomware
Lee Enterprises blames cyberattack for encrypting critical systems as US newspaper outages drag on
Red padlock open on electric circuits network dark red background
Newspaper printing across US hit after Lee Enterprises says “cybersecurity event” disrupted operations
Closing the cybersecurity skills gap
The critical need for watertight security across the IT supply chain
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Ransomware
Top cannabis brand Stiiizy says hackers got access to its systems
Code Skull
Casio confirms data of 8,500 people exposed in recent ransomware attack
Latest in Security
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Latest in News
Open AI
OpenAI live stream - could we see a major ChatGPT upgrade?
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
More about security
cybersecurity

Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak

A major Keenetic router data leak could put a million households at risk
HDD

Seagate teams with Nvidia to build an NVMe hard drive proof of concept, more than 3 years after its last effort
See more latest
Most Popular
HDD
Seagate teams with Nvidia to build an NVMe hard drive proof of concept, more than 3 years after its last effort
Open AI
OpenAI live stream - could we see a major ChatGPT upgrade?
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Sony WF-C710N in blue glass on beige background
Sony WF-C710 earbuds land, and I think they'll be the 2025 budget buds to beat
The RIG M2 Streamstar attached to a boom arm.
The RIG M2 Streamstar has the world's first Bluetooth audio gateway in a wired gaming microphone