A ransomware attack on software provider Blue Yonder has forced Starbucks to revert to manual methods for managing employee schedules and payroll across North America.
The November 21st cyber incident disrupted Blue Yonder's systems, affecting its supply chain management software used by Starbucks for scheduling shifts and tracking retail workers' hours in the US and Canada.
Store managers are now using pen and paper to handle employee scheduling, though Starbucks reports that store operations and hours remain unaffected. The coffee chain has not received a timeline from Blue Yonder for resolving the system outage.
To maintain employee compensation, Starbucks will pay workers based on their scheduled shifts for the week of November 18th, though this may not reflect actual hours worked due to schedule changes, vacation time, or sick leave that couldn't be entered into the system.
"We are hopeful this outage will not extend to impact payroll processing for future weeks," Starbucks stated in an internal message to employees. The company has provided managers with templates to create schedules manually, departing from their usual three-week advance scheduling process.
Blue Yonder spokesperson Marina Renneke confirmed the ransomware incident, stating that the company is working with external cybersecurity firms on recovery efforts and has implemented defensive protocols.
The attack has also impacted other Blue Yonder clients, including UK grocery chains. While some retailers like Morrisons have switched to backup systems, others like Sainsbury's and Asda report being unaffected by the breach.
Blue Yonder, based in Scottsdale, Arizona, serves various industries including manufacturing, grocery, logistics, automotive, and restaurant companies. The company continues to notify affected customers as they work to resolve the situation.