British supermarket chain Morrisons has reported a setback in its operations following a cyberattack on its technology provider, Blue Yonder, which disrupted its supply chain management systems in November 2024. The attack significantly impacted the company’s ability to manage product availability, particularly fresh produce, leading to slower sales growth during the critical Christmas trading period.
The cyber incident targeted Blue Yonder, a supply chain software provider serving several major retailers across the UK and the US. As a result of the attack, Morrisons was unable to track its stock levels or the availability of products for several days. CEO Rami Baitieh explained that the retailer’s warehouse management system had to be shut down, leaving it without visibility on inventory for fresh produce and other items.
“We found a workaround very quickly, but our availability fell significantly, and we very sadly let down some customers,” said Baitieh. He noted that although the issue had set back the supermarket’s progress, product availability had improved, albeit not yet reaching pre-incident levels.
Morrisons’ chief financial officer Jo Goff stated that while the company had seen positive sales growth in Q1 through the end of this month, it was slower than the 4.9% reported for the previous quarter. The retailer has indicated that it expects to recover costs associated with the cyberattack through insurance claims.
The IT disruption comes at a time when Morrisons had been showing signs of recovery and growth after a period of strategic changes. Despite the setback, the company’s performance over the past year was largely positive, with like-for-like sales rising by 4.1% in the 12 months ending 27 October 2024. Earnings also increased, reaching £835m compared to £751m in the previous year.
Morrisons stated that, although the company’s overall performance has remained solid, the unavailability of products in stores due to the cyberattack had a negative impact on Christmas sales. Baitieh acknowledged that the incident “set back” the company’s turnaround efforts, affecting its ability to maintain consistent stock levels and deliver on customer expectations. The supermarket chain has also indicated that product availability in its stores has not yet fully recovered, though it is in a better position than a year ago.
Wider impact on Blue Yonder clients
The ransomware attack on Blue Yonder also affected other major clients of the software provider, including other UK supermarkets and US-based grocery chains. The Arizona-based company, acquired by Panasonic in 2021, confirmed the attack and noted that its private cloud services had been impacted, while its Azure public cloud services remained unaffected. Blue Yonder reported that recovery efforts were underway but did not provide a specific timeline for full restoration.
In addition to Morrisons, other retailers such as Sainsbury’s in the UK and Starbucks in the US, were also affected by the incident. Sainsbury’s confirmed it had activated contingency plans to manage the disruption, while Starbucks faced operational challenges related to employee scheduling and payroll, leading to payment delays for staff.
Read more: Blue Yonder investigates ransomware attack as Termite claims responsibility
