[Americas] Starbucks left manually tallying hours and pay following vendor hack

Starbucks Corp. has confirmed that a ransomware attack at a third-party software supplier has disrupted its system for tracking employee schedules, forcing it to manually tally workers’ hours and pay, BNN Bloomberg reports.

Blue Yonder Group Inc. - a Panasonic subsidiary providing supply chain management software - said its systems had been disrupted by a November 21 “ransomware incident.” The coffee giant is one of its customers and relies on Blue Yonder software to schedule shifts and track retail workers’ hours in North America, according to a Starbucks spokesperson. 

Starbucks’ stores have reportedly resorted to manual methods such as pen and paper for employee scheduling, the spokesperson said but added that the incident had not impacted store operations or hours. The Blue Yonder breach is affecting company-operated stores in the US and Canada.

In a message to workers seen by Bloomberg News, Starbucks Blue Yonder has yet to provide a timeline for when the issue will be resolved. To ensure that workers are paid on November 29, they will be compensated for scheduled shifts for the week of November 18. 

The hours might differ from actual hours worked if workers had extra shifts or took holiday or sick time that wasn’t entered into the system.

“We are hopeful this outage will not extend to impact payroll processing for future weeks,” Starbucks said in its update to workers. “However, we are continuing to look for ways to improve pay accuracy and processing should the outage continue.”  

In another message, Starbucks reportedly shared a template to help managers build schedules for the week of December 9. It ordinarily creates schedules three weeks in advance.

In a November 25 statement, Blue Yonder said it had notified relevant customers about the incident and “will continue to communicate as appropriate.” 

“Blue Yonder experienced disruptions to its managed services hosted environment, which was determined to be the result of a ransomware incident,” Marina Renneke - a company spokesperson - said. “Since learning of the incident, the Blue Yonder team has been working diligently together with external cybersecurity firms to make progress in their recovery process. We have implemented several defensive and forensic protocols.”

The ransomware attack was previously reported by CNN, which said that some UK grocery store chains had taken steps to deal with the incident.

A Morrisons representative reportedly told Bloomberg News that the Blue Yonder breach had impacted warehouse management systems but added that the stores were operating “satisfactorily” on backup systems. 

Sainsbury’s confirmed that it used Blue Yonder but said it wasn’t experiencing disruptions because it had a backup solution. An Asda spokesperson said the company used Blue Yonder but was unaffected.

According to its website, Blue Yonder’s customers include manufacturing, grocery, third-party logistics, automotive and restaurant companies.

Source: BNN Bloomberg

(Quotes via original reporting)

Starbucks Corp. has confirmed that a ransomware attack at a third-party software supplier has disrupted its system for tracking employee schedules, forcing it to manually tally workers’ hours and pay, BNN Bloomberg reports.

Blue Yonder Group Inc. - a Panasonic subsidiary providing supply chain management software - said its systems had been disrupted by a November 21 “ransomware incident.” The coffee giant is one of its customers and relies on Blue Yonder software to schedule shifts and track retail workers’ hours in North America, according to a Starbucks spokesperson. 

Starbucks’ stores have reportedly resorted to manual methods such as pen and paper for employee scheduling, the spokesperson said but added that the incident had not impacted store operations or hours. The Blue Yonder breach is affecting company-operated stores in the US and Canada.

In a message to workers seen by Bloomberg News, Starbucks Blue Yonder has yet to provide a timeline for when the issue will be resolved. To ensure that workers are paid on November 29, they will be compensated for scheduled shifts for the week of November 18. 

The hours might differ from actual hours worked if workers had extra shifts or took holiday or sick time that wasn’t entered into the system.

“We are hopeful this outage will not extend to impact payroll processing for future weeks,” Starbucks said in its update to workers. “However, we are continuing to look for ways to improve pay accuracy and processing should the outage continue.”  

In another message, Starbucks reportedly shared a template to help managers build schedules for the week of December 9. It ordinarily creates schedules three weeks in advance.

In a November 25 statement, Blue Yonder said it had notified relevant customers about the incident and “will continue to communicate as appropriate.” 

“Blue Yonder experienced disruptions to its managed services hosted environment, which was determined to be the result of a ransomware incident,” Marina Renneke - a company spokesperson - said. “Since learning of the incident, the Blue Yonder team has been working diligently together with external cybersecurity firms to make progress in their recovery process. We have implemented several defensive and forensic protocols.”

The ransomware attack was previously reported by CNN, which said that some UK grocery store chains had taken steps to deal with the incident.

A Morrisons representative reportedly told Bloomberg News that the Blue Yonder breach had impacted warehouse management systems but added that the stores were operating “satisfactorily” on backup systems. 

Sainsbury’s confirmed that it used Blue Yonder but said it wasn’t experiencing disruptions because it had a backup solution. An Asda spokesperson said the company used Blue Yonder but was unaffected.

According to its website, Blue Yonder’s customers include manufacturing, grocery, third-party logistics, automotive and restaurant companies.

Source: BNN Bloomberg

(Quotes via original reporting)