Supply chain [SC] Supply Chain

Sainsbury's Third-Party Breach (November 2024)

2024-11-01 [vendor] Blue Yonder
Primary Source ↗

Incident Details

Ransomware attack on software supplier disrupts operations for Starbucks and other retailers. A ransomware attack that hit a major software provider last week caused disruptions for a handful of companies over recent days, from Starbucks to U.K. grocery giant Morrisons. NEW YORK (AP) — A ransomware attack that hit a major software provider last week caused disruptions for a handful of companies over recent days, from Starbucks to U.K. grocery giant Morrisons. Blue Yonder, which provides supply chain technology to a range of brands worldwide, said that it experienced disruptions to services it manages for customers on Thursday, which the third-party software supplier determined to be “the result of a ransomware incident.”. Third-party company: Blue Yonder.

Technical Details

Initial Attack Vector
Compromise of third-party service provider / vendor relationship
Vendor / Product
Blue Yonder
Supply Chain Attack
✅ Confirmed third-party / vendor compromise

Timeline

  1. 2024-11-01 Breach occurred
  2. 2024-11-26 Publicly disclosed