Starbucks has gone back to pen and paper after vendor ransomware attack

Starbucks Store
(Image credit: oberaichwald / Pixabay)

  • Starbucks stores are using pen and paper to track employee hours after attack
  • Third-party Vendor Blue Yonder hit with ransomware attack
  • Retail stores in the UK and US affected

Starbucks may be the largest coffee chain in the world, but many of its stores have been forced to manually track employee’s schedules and payroll after a third party supply chain vendor was hit by a ransomware attack.

Blue Yonder confirmed it was the victim of a ransomware attack, and services are still being severely disrupted, with the company confirming it is “working around the clock to respond to this incident”.

The list of affected stores is growing, with UK retail giants Sainsbury’s and Morrisons also both reporting disruption. The stores have affirmed that backup processes and contingency plans are in place, so the impact on customers should be minimal.

Third party risks

It’s not yet clear exactly what the effects of the hack will be, and the extent of the disruption is yet to be seen. Ransomware is a costly business, with the average demand over $5 million in the first half of 2024.

Ransomware attacks are on the rise across the globe, and increasingly digital operations mean many companies are reliant on third party vendors, which can put companies at risk even if their own cybersecurity is airtight.

The risks can be mitigated by thoroughly assessing third party vendors and by ensuring contingency plans are in place, and CISOs are encouraged to collaborate with their peers in the industry to foster strong relationships.

"The Blue Yonder incident reminds all organizations that focusing only on the security and resilience of systems under your direct control is no longer an option.” said Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity.

“Dependencies run deep and broad in the supply chain, so it is essential that all suppliers are thoroughly vetted on an ongoing basis, and that contingency plans are in place before going live with any major third-party solution.“

Via CNN

You might also like

Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.