FlagThis

Supply chain software giant Blue Yonder was the victim of a ransomware attack on November 21, 2024. The Termite ransomware group has claimed responsibility for the breach, stating they stole 680 gigabytes of data, including documents, reports, insurance documents, and email lists. This attack impacted numerous major clients, among them Starbucks, BIC, and Morrisons, causing significant disruptions to their operations. Blue Yonder is actively investigating the incident with the help of external cybersecurity experts, but the full extent of the data breach and its impact is still under assessment. The stolen data includes potentially sensitive customer information, raising concerns about further attacks.

The Termite group, believed to be a rebranding of the Babuk ransomware group, is threatening to publish the stolen data. This poses a significant risk, especially given the potential for phishing attacks using the acquired email lists and internal information. Companies like Starbucks, which experienced disruptions in employee payroll systems, and Morrisons, which had to use alternative supply chain methods, are among those bracing for the potential fallout of the data breach. Blue Yonder has confirmed it is aware of the claims and working to address them. The Information Commissioner's Office in the U.K. has not yet received a data breach report from the company.

ImgSrc: cyberscoop.com

References:

• TechCrunch - Blue Yonder investigating data theft claims after ransomware gang takes credit for cyberattack - 16d
• Techzine Global - Starbucks, BIC must brace for Blue Yonder hack fallout - 16d
• The Register - Blue Yonder ransomware termites claim credit - 16d
• Threats - The ransomware looks to be a re-worked variant of Babuk. - 14d

Classification:

• HashTags: Ransomware BlueYonder Cyberattack
• Company: Blue Yonder
• Target: Blue Yonder and its clients
• Attacker: Termite
• Product: supply chain software
• Feature: supply chain management softwa
• Type: Ransomware
• Severity: Major