Starbucks Records Pay Manually After Vendor Cybersecurity Breach

Starbucks Corp announced that a ransomware attack on a third-party software provider has led to interruptions in its employee scheduling system, prompting the coffee company to manually calculate workers’ hours and wages.

Blue Yonder Group, a subsidiary of Panasonic specializing in supply chain management software, reported that its systems were affected by a “ransomware incident” on November 21. A spokesperson for Starbucks confirmed that the coffee chain utilizes Blue Yonder’s software to organize shifts and monitor retail workers’ hours across North America.

Stores operated by Starbucks are resorting to traditional methods, such as pen and paper, for employee scheduling. The spokesperson mentioned that the incident has not affected store operations or hours. The impact of the Blue Yonder breach is limited to company-operated locations in the United States and Canada.

In a communication to employees viewed by Bloomberg News, Starbucks indicated that Blue Yonder has not provided a timeline for resolving the situation. To ensure that employees are compensated on November 29, they will be paid based on scheduled shifts for the week of November 18, which may differ from the actual hours worked, as some staff may have picked up additional shifts or taken time off that wasn’t recorded.

“We are optimistic that this outage will not affect payroll processing in the upcoming weeks,” the company stated in its update to staff. “However, we are actively exploring options to enhance pay accuracy and processing in case the outage persists.”

Additionally, Starbucks shared a scheduling template with managers to assist in creating schedules for the week of December 9, whereas the company typically generates schedules three weeks in advance.

Ransomware Incident

On Monday, Blue Yonder released a statement confirming that it had informed relevant customers about the incident and pledged to maintain communication as necessary.

“Blue Yonder has experienced disruptions to its managed services hosted environment, attributed to a ransomware incident,” explained Marina Renneke, a representative from the company. “Since discovering the incident, the Blue Yonder team has been collaborating closely with external cybersecurity firms to advance their recovery efforts. We have enacted numerous defensive and forensic measures.”

The attack was initially reported by CNN, which noted that several UK grocery chains had implemented measures to address the situation.

A spokesperson for the UK grocery chain Morrisons informed Bloomberg News on Monday that the Blue Yonder breach had affected its warehouse management systems but added that the stores are currently functioning “satisfactorily” using backup systems. Sainsbury’s confirmed its usage of Blue Yonder but stated that it was not experiencing disruptions due to its backup solution. An Asda spokesperson mentioned that the company utilizes Blue Yonder but has remained unaffected.

Blue Yonder, headquartered in Scottsdale, Arizona, serves a variety of clients, including those in manufacturing, grocery, third-party logistics, automotive, and restaurant sectors, as detailed on its website.

© 2024 Bloomberg

Follow Moneyweb’s in-depth finance and business news on WhatsApp here.