Starbucks has been forced to schedule shifts and calculate staff pay manually following a ransomware attack on one of its third-party software vendors.
While the coffee chain has not publicly said which of its software providers suffered the attack, initial reports by the Wall Street Journal stated that Blue Yonder, an enterprise cloud services provider based in Arizona, was the vendor in question.
The ransomware attack on Blue Yonder and subsequent outage was first announced on November 21 and has reportedly affected many of its customers, including Starbucks’ 11,000 stores in North America.
Starbucks has reassured staff that they will be fully paid for all hours worked.
How has the ransomware attack affected Starbucks store management?
Following the outage, baristas are reportedly unable to view and manage their schedules on the usual platform.
Store managers and leaders are also unable to see the usual view of the full work schedules of their store, leaving them unable to track hours being worked automatically.
Accordingly, staff and managers are manually scheduling and tracking hours worked.
Speaking to the Wall Street Journal, Starbucks said employees would still be fully compensated and that customer service would not be disrupted.
“Keeping our partners (associates) whole despite the outage continues to be our priority and we’re ensuring they will receive pay for all hours worked," the statement said.
Jaci Anderson, a spokesperson for Starbucks, told Axios the business is working quicky to bring back-end services back online and to ensure employees are paid on time and in full.
Starbucks will initially pay its workers for pre-scheduled shifts. Once its workforce management platform is back up and running, it will then make any necessary adjustments or corrections to ensure employees are paid correctly.
Starbucks vendor ‘working around the clock’ to resolve software issue
In its most recent statement shared Monday, Blue Yonder said it was “working around the clock to respond to this incident and continues to make progress.”
At the time of writing, the cloud services business hasn’t yet given a specific timeline on how long it expects its services to be down.
Among other businesses affected by the outage are Ford and two of the biggest UK supermarket chains, Sainsbury's and Morrisons.
AI in Hiring: Trends, Insights and Predictions
As AI revolutionizes the recruitment life cycle at warp speed, HR leaders must stay informed about AI’s advantages and its current shortcomings.
How can we adopt these tools to stay competitive and efficient while retaining the human touch that remains critical to optimizing candidate experience, making informed decisions, and, ultimately, building strong teams and cultures?
That is our industry’s biggest challenge as we navigate this new terrain. We hope these insights, tips, and predictions will help drive innovation and excellence in your hiring practice.
However, as each company will use Blue Yonder’s cloud software to support different platforms, the impact on those businesses is different to Starbucks.
The supermarkets, for example, saw their food and produce stock management systems disrupted.
Meanwhile, the automaker has released a statement but has not specified how it has impacted. “Ford is aware and is actively investigating if a cyber incident at a third-party supplier has any impact on our operations or systems,” Ford spokesperson Ian Thibodeau told CNN.
Ransomware attacks a major concern for employers in 2024
CNBC, citing a report from the Office of the Director of National Intelligence, said that 2024 is on track to be one of the worst years on record for ransomware attacks.
According to a study from CyberInt, the US reported over 250 ransomware incidents in the first three quarters of 2024, up 24% compared to the same period in 2023.
Cybersecurity experts have previously indicated that the risk of ransomware attacks rises during the holiday season, including Thanksgiving and the Black Friday weekend.
Ransomware attacks, as well as directly disrupting business operations and workforce management, can also cause employees stress and negatively impact their wellbeing.
Employers are encouraged to proactively take steps to mitigate the risk of cybersecurity attacks, including training for workers to improve their awareness of potential threats such as phishing.