A ransomware attack on an Arizona-based supply chain management software provider with domestic and overseas customers, including Fortune 500 firms, has caused challenges for major grocery providers in the United Kingdom and possibly other clients, too.

The attack on Blue Yonder throws into relief what some tech analysts described as the intensifying vulnerability of supply chain businesses to ransomware attacks – a threat about which the promotional products industry should be aware.

Owned by Panasonic after being acquired in 2021, Blue Yonder reported last week that hackers successfully struck its managed hosted services environment. The digital criminals were not, however, able to penetrate the company’s Azure public cloud services, according to Blue Yonder.

Blue Yonder has partnered with external cybersecurity experts to set things right – a process that includes investigating the incident to understand its full scope and putting in place defensive and forensic bulwarks to minimize the impacts.

While the firm reported “steady progress” over the weekend, it wasn’t out of the woods yet: An estimated restoration time wasn’t available as of this Nov. 25 writing.

Grocery Chains Under Pressure

The attack was reportedly affecting two of the biggest grocery chains in the United Kingdom – Morrisons and Sainsbury’s, both of which partner with Blue Yonder for help managing their supply chains.

Morrisons told Cybersecurity Dive that the disruption was affecting its warehouse management system for fresh food and produce. The grocer added that it’s operating on backup systems, trying its best to deliver for customers.

“We have reverted to a backup process, but the outage has caused the smooth flow of goods to our stores to be impacted,” a spokesperson for Morrisons told CNN.

Sainsbury’s, another large grocery chain in the U.K., reported to CNN that it had “contingency processes in place” to deal with the Blue Yonder outage.

$4.88 Million
The average cost of a data breach in 2024, making it the highest average on record.(IBM)

A Growing Threat

Other Blue Yonder customers have included Kroger, as well as Albertsons, parent firm to U.S. grocery chains such as Safeway. Anheuser-Busch and Procter & Gamble have relied on Blue Yonder, too. It wasn’t clear if any of those companies were being affected, nor was it known if any promotional products industry companies were being hit by the hacking as of this writing.

“The incident highlights the growing vulnerability of supply chain companies to ransomware attacks, which can have far-reaching consequences for businesses and consumers alike,” Tech Monitor reported.

Nearly Double
The average ransomware payout has increased dramatically from $812,380 in 2022 to $1,542,333 in 2023.(SC Magazine)

Just a month ago, OpenText published its third annual 2024 Global Ransomware Survey. The report spotlighted how the threat against supply chain software is on the rise, along with the role of generative artificial intelligence in cybercrime.

“The survey revealed that 62% of respondents had faced a ransomware attack originating from a software supply chain partner within the past year, highlighting the extensive reach of these threats,” Tech Monitor noted.

Certainly, cybersecurity in the promotional product industry has been top of mind for merch executives. At the 2024 ASI Power Summit, industry leaders acknowledged in a panel discussion that it has become a huge concern and that large portions of their information technology budgets go toward protecting their businesses against such attacks.

The panelists shared that, through proper employee training and consistent evolution of systems to account for potential vulnerabilities, businesses can greatly increase their chances of fending off an attack. It’s possible for small and midsized companies, too.

Still, nothing is foolproof, and promo firms large and small have sustained attacks. Counselor Top 40 distributor Staples Promotional Products (asi/120601) suffered an apparent hacking last December.

A 2019 hacking at Counselor Top 40 firm alphabroder (asi/34063) led to a ransom payment. Top 40 supplier Hit Promotional Products (asi/61125) contended with what was described as a cybersecurity incident in March of last year.

Meanwhile, MV Sport/The Game (asi/68318) sustained an attack in September/October 2022. Aakron Line (asi/30270) dealt with a malware issue. HanesBrands (asi/59528) was compromised. Essent Corporation, a promo-focused business management platform, fell prey to an encryption attack in late 2022. Hackers infiltrated a Cisco merch store in September.