### Blue Yonder Ransomware Attack Disrupts Major UK and US Supply Chains

In a significant cybersecurity breach, Blue Yonder, a prominent supply chain software firm with operations across the UK and US, has fallen victim to a ransomware attack that has adversely affected its private cloud services. The incident, which occurred on November 21, 2024, has impacted numerous high-profile clients, including major grocery chains and Fortune 500 companies.

Based in Arizona and acquired by Panasonic in 2021, Blue Yonder revealed that the attack specifically targeted its managed services hosted environment. Fortunately, its Azure public cloud services have remained secure. Initial statements from the company last week were followed by updates over the weekend, wherein the firm reported "steady progress" in recovery, though it refrained from setting a precise timeline for complete restoration.

In the UK, the attack immediately disrupted several Blue Yonder clients, notably major supermarket chains. Morrisons, with nearly 500 stores, disclosed that the ransomware incident had interrupted the flow of goods to its outlets. A Morrisons spokesperson remarked, "We have reverted to a backup process, but the outage has caused the smooth flow of goods to our stores to be impacted." Similarly, Sainsbury's confirmed the activation of contingency plans to manage the situation.

In the US, Blue Yonder supports leading grocery retailers such as Albertsons, the parent company of Safeway and Jewel-Osco, as well as Kroger, which operates Ralphs and Fred Meyer. However, these companies have yet to comment on any operational disruptions. Other notable Blue Yonder clients, like Procter & Gamble and Anheuser-Busch, have also remained silent regarding the potential impacts.

The company has enlisted external cybersecurity experts to assist in the investigation and recovery efforts. Blue Yonder emphasized its commitment to transparency and security, stating, "The Blue Yonder team is continuing to work around the clock, together with our external cybersecurity firms, to safely restore systems, resulting in steady progress. Our investigation remains ongoing, but please know that our priority is to ensure a safe and secure recovery."

The ransomware attack on Blue Yonder underscores the increasing vulnerability of supply chain companies to such threats, with far-reaching consequences for businesses and consumers alike. According to OpenText's third annual 2024 Global Ransomware Survey, 62% of respondents reported experiencing a ransomware attack originating from a software supply chain partner within the past year, highlighting the pervasive nature of these cyber threats.