Starbucks is grappling with significant operational challenges after a ransomware attack on a third-party software provider. An attack on Blue Yonder, a supply chain software provider contracted by the Seattle-based coffee giant, disrupted systems belonging to the latter that were critical in managing employee schedules and tracking hours worked. The impacted back-end processes have impeded Starbucks’ ability to pay its baristas.
The company has assured its workforce that measures are being taken to ensure they are paid accurately. However, the situation has forced Starbucks to adopt manual workarounds as it waits for the issue to be resolved.
The original attack on Blue Yonder, which occurred on 21 November, targeted its private cloud services and caused significant outages for its worldwide customer base. Although the Arizona-based company, owned by Panasonic since 2021, reported steady progress in its recovery efforts, it is yet to provide an estimated timeline for the full restoration of its systems.
(Blue) Yonder, a cyberattack
Blue Yonder’s software plays a crucial role in Starbucks’ North American operations, enabling the coffee chain to automate shift scheduling and employee time tracking. The ransomware attack has left these systems unusable, forcing Starbucks stores in the US and Canada to revert to manual processes such as pen-and-paper scheduling to keep operations running.
Despite the disruption, Starbucks has reassured customers that store hours and service remain unaffected. However, behind the scenes, the company is contending with significant administrative challenges. In a message to employees, as reported by Bloomberg News, Starbucks acknowledged that payroll processing for 29 November would rely on pre-scheduled shifts rather than actual hours worked. This could lead to discrepancies for workers who picked up extra shifts or took leave during the affected period.
To address the challenges, Starbucks has provided store managers with templates to build schedules for the week of 9 December manually. This temporary approach diverges from the company’s standard practice of preparing schedules three weeks in advance.
“We are hopeful this outage will not extend to impact payroll processing for future weeks,” the company stated in its message to employees. “However, we are continuing to look for ways to improve pay accuracy and processing should the outage continue.”
Blue Yonder, which caters to a wide range of retailers, including grocery chains and Fortune 500 companies, revealed last week that the ransomware attack had affected its managed services hosted in private cloud environments. Public cloud services hosted on Microsoft Azure, however, were not impacted. As a result, the attack had ripple effects across multiple industries, including the UK and the US grocery chains.