The SaaS provider Blue Yonder has confirmed it was the target of a ransomware attack in November, with the newly emerged Termite gang claiming responsibility. The attackers claim they stole 680GB of data from the company, including sensitive documents, email lists, database dumps, and insurance files.
Blue Yonder, previously known as JDA Software and now a subsidiary of Panasonic, provides supply chain software solutions to over 3,000 clients globally. Its customer base includes prominent companies such as Microsoft, Tesco, DHL, and 7-Eleven.
The attack has caused significant disruptions for Blue Yonder’s customers, many of whom depend on its managed services to oversee critical operations. Starbucks was forced to manually process employee payments after its scheduling software, used across more than 10,000 stores, became inoperative.
Similarly, Morrisons and Sainsbury’s, two major UK supermarket chains, experienced issues with their warehouse management systems, affecting the supply of fresh foods. French pen manufacturer BIC also reported delays in shipping due to the incident.
Blue Yonder has made progress in restoring operations, with some affected clients back online.
The company has enlisted external security experts to assist other customers in recovering their systems and resuming normal business activities.
The Termite ransomware gang, which surfaced in mid-October, appears to be expanding its operations. The group has claimed responsibility for attacks on seven victims from various industries and regions, listing these on its dark web portal.
Security experts have noted that Termite uses a modified version of encryption software leaked several years ago. However, the group’s tools reportedly have technical flaws that can cause them to fail prematurely, suggesting its methods are still under development. Despite these issues, Termite continues to engage in data theft, extortion, and encryption-based attacks, making it a growing threat in the cybercrime landscape.
Blue Yonder has not disclosed how many customers were affected by the breach or whether the stolen data has been publicly leaked. The company stated it is working diligently to address the incident and minimise disruptions to its clients.
