
Ransomware

ABB

Black Basta


ABB Hit by Black Basta Ransomware Group: Operations Disrupted

Swiss multinational company ABB, which provides electrification and automation technology, has fallen victim to a ransomware attack by the Black Basta group.

12-May-2023
3 min read

Related Articles


Ransomware

Starbucks

Starbucks grapples with payroll chaos and supply chain disruptions after a devas...

In an unprecedented turn of events, **Starbucks**—the world’s most recognized coffee brand—finds itself in the eye of a digital storm that has crippled its operations. A **devastating ransomware attack** on **[Blue Yonder](https://www.secureblink.com/cyber-security-news/ransomware-attack-cripples-blue-yonder-disrupting-global-supply-chains)**, the tech provider that powers Starbucks' critical supply chain, has triggered chaos not only in the company's logistical operations but in its ability to ensure its employees are paid on time.

With operations severely disrupted, Starbucks has been forced to **manually track employee hours**, an unimaginable shift for a company known for its sleek, tech-driven processes. The impact? **Massive delays**, **disorganization**, and the loss of a **once-fluid payroll system**—and that’s just the beginning.

---

### **Attack on Blue Yonder**

As we reported earlier, on **November 21, 2024**, a **ransomware attack** on **Blue Yonder**, a **global leader in AI-powered supply chain management**, set off a chain of disruptions across industries. **Blue Yonder**, a key partner for major brands like **Ford**, **Sainsbury’s**, and **Morrisons**, had its private cloud environment compromised, knocking down the systems that support its clients' real-time data tracking and decision-making tools. The attack has wreaked havoc on its entire client base, with major companies grappling with service interruptions.

While some companies, including **Morrisons** and **Sainsbury's**, have resorted to slower, more manual processes, the ripple effect has been most pronounced at **Starbucks**. For a company with thousands of employees across the globe, the disruption is more than just a logistical headache—it has become a full-blown **operational crisis**.

---

### **How Starbucks Is Navigating the Nightmare**

Starbucks, known for its seamless customer experience and cutting-edge technology, has been thrust into a scenario few could have predicted. The global coffee chain, famous for its technological prowess in tracking inventory and ensuring smooth operations, is now scrambling to maintain basic functions.

The immediate challenge? **Employee payroll**. Without the real-time data needed to process work hours efficiently, Starbucks has been forced to manually track hours worked by its **hundreds of thousands of employees**. In a world where automation was supposed to eliminate such inefficiencies, this disruption has thrown the company into turmoil.

**Jaci Anderson**, a spokesperson for Starbucks, commented, _“We’re working swiftly to bring our systems back online and ensure that all of our employees are paid accurately and on time. Our team is doing everything it can to manage the situation and continue to deliver service to our customers.”_

But how long can this "manual workaround" continue? How will this impact employee morale, especially in a high-stakes season for retail?

---

### **Global Implications for Retail and Supply Chain Tech**

What we’re witnessing isn’t just an isolated incident—it’s a **widespread vulnerability** in the **global supply chain tech** ecosystem. Blue Yonder, like many other tech vendors, provides critical infrastructure to thousands of businesses. With a single successful attack, **ransomware gangs** are able to strike at the **heart of the supply chain** and affect **countless businesses** with minimal effort.

As [mentioned](https://blueyonder.com/customer-update) in our previous Threatfeed, **ransomware gangs** increasingly target the **supply chain** as the weakest link in the cybersecurity armor. Attacks like these are only set to increase, as **cybercriminals** realize the exponential damage they can cause by disrupting just one part of the system.

For Starbucks, the attack on Blue Yonder is not just a technical inconvenience—it’s a **warning sign**. While the company has not experienced any customer-facing disruptions, the question remains: **How many more attacks like this will it take before retailers and manufacturers are forced to rethink their entire cybersecurity infrastructure?**

---

### **Future of Supply Chain Security: What Other Retailers Can Learn from Starbucks’ Crisis**

As Starbucks scrambles to bring its back-end systems back online, it’s clear that the **need for stronger cybersecurity measures** in the supply chain has never been more urgent. If this attack can bring a giant like Starbucks to its knees, what’s stopping it from happening to other major retailers?

The situation at Starbucks serves as a **case study** in **crisis management**. The company has responded quickly, but the **long-term effects** of this disruption may not be fully realized for some time. How long will it take for **Blue Yonder** to fully recover, and how will its clients adjust in the interim?

One thing is clear: **ransomware attacks** on supply chain providers are now a **top concern** for every business that relies on third-party tech solutions. Retailers, manufacturers, and distributors must start asking themselves: *Are we prepared for an attack that could bring our operations to a standstill?*

---

### **Can Starbucks Weather the Storm?**

With service to customers **largely unaffected** so far, Starbucks has managed to keep the impact of this cyberattack under wraps. However, the **internal challenges** of keeping operations running smoothly are far from over. The company will have to rethink its relationship with Blue Yonder and other third-party vendors in light of this breach. Could this be the wake-up call for the coffee giant to build more **resilient, in-house systems**?

As the investigation into the attack continues, and Blue Yonder works to restore its systems, the road to recovery will likely be long and fraught with challenges. For now, Starbucks remains focused on ensuring that employees are paid on time and that its **global supply chain** continues to function as seamlessly as possible—despite the storm raging in the background.

27-Nov-2024
5 min read

Blue Yonder

Blue Yonder hit by ransomware, disrupting supply chains for major retailers like...

On November 21, 2024, Blue Yonder, a prominent AI-powered supply chain management provider, suffered a ransomware attack that caused significant disruptions to its managed services environment. The company, a subsidiary of Panasonic, provides critical services to businesses worldwide, including leading retailers and manufacturers. The attack primarily affected Blue Yonder's private cloud environment, disrupting supply chain operations for several of its high-profile clients, particularly in the United Kingdom.

---

### **What is Blue Yonder’s Role in Global Supply Chains?**

Blue Yonder (formerly JDA Software) is a key player in the world of supply chain management, offering AI-driven solutions that help businesses optimize demand forecasting, inventory management, and transportation logistics. The company serves over 3,000 clients, including global leaders like DHL, Nestlé, Procter & Gamble, and major grocery chains such as Tesco, Morrisons, and Sainsbury's.

**Key Offerings and Clientele**

Blue Yonder’s software tools are crucial for supply chain operations across industries such as retail, logistics, and manufacturing. These solutions help businesses forecast demand, optimize stock levels, and streamline logistics. The company has built a diverse customer base, with notable clients spanning across retail, manufacturing, and consumer goods.

---

### **Details of the November 2024 Ransomware Attack**

#### **Attack’s Discovery and Immediate Response**

On November 21, 2024, Blue Yonder disclosed that it was experiencing disruptions due to a ransomware incident affecting its managed services hosted environment. This environment, crucial for supporting SaaS platforms and cloud-hosted supply chain tools, was compromised, disrupting real-time supply chain data for clients. However, the company confirmed that its public cloud infrastructure was not impacted by the attack.

Blue Yonder immediately activated its defensive protocols, collaborating with external cybersecurity firms to analyze the breach and mitigate further risks. The company has yet to confirm the specific ransomware strain involved but continues to investigate the full scope of the attack.

---

### **Impact on UK Grocery Chains: Disruptions and Response**

#### **Morrisons and Sainsbury's Deal with Delays**

Blue Yonder’s disruption affected several high-profile clients, particularly in the United Kingdom. Morrisons, a major UK grocery retailer with nearly 500 stores, confirmed it had switched to a slower backup process to continue operations. This resulted in delays in the smooth flow of goods to stores, affecting stock levels and availability.

Sainsbury's, another leading UK grocery chain, similarly reported that while it had contingency plans in place, the disruption still impacted its inventory management. This response highlights the challenges retailers face when their automated supply chain systems are compromised.

#### **Broader Implications for Retail Operations**

The disruption to grocery chains in the UK underscores the critical role supply chain software plays in modern retail operations. When such systems go offline or experience delays, the consequences can ripple throughout the supply chain, affecting everything from stock availability to customer satisfaction.

---

### **Global Impact: U.S. and Other Regions**

#### **Blue Yonder’s U.S. Clients at Risk**

Blue Yonder’s client base extends beyond the UK to major U.S. grocery chains like Albertsons (parent of Safeway and Jewel-Osco) and Kroger (parent of brands like Ralphs and Fred Meyer). Although these companies have not publicly commented on the disruption, the attack on Blue Yonder’s private cloud infrastructure likely affected their operations as well. The potential for significant delays and inventory issues underscores the far-reaching implications of this cybersecurity breach.

**Additional Corporate Clients Impacted**

Apart from grocery chains, other global corporations, including Procter & Gamble, Nestlé, and 3M, rely on Blue Yonder’s services to optimize their supply chains. These companies’ production and distribution networks may also face interruptions as a result of the attack.

---

### **Response and Recovery: Ongoing Efforts**

#### **Steps Taken by Blue Yonder to Recover Systems**

In the wake of the attack, Blue Yonder’s cybersecurity team, working with external experts, has focused on restoring the affected managed services environment. The company has implemented several layers of defensive measures, including network segmentation and malware scanning, to prevent further breaches.

The company’s updates have emphasized that while progress is being made, a complete restoration timeline has yet to be provided. As of November 23, 2024, Blue Yonder’s spokesperson stated that no additional suspicious activity had been detected in its public cloud infrastructure.

#### **Lessons from Blue Yonder’s Response**

Blue Yonder’s quick response demonstrates the importance of strong cybersecurity protocols in the digital age. The company’s transparent communication with clients also highlights the value of keeping stakeholders informed during a crisis.

---

### **Critical Role in Supply Chain Management**

#### **Supply Chain Vulnerabilities Exposed**

The attack on Blue Yonder highlights the vulnerabilities inherent in supply chain operations that rely heavily on cloud-based systems. With an increasing number of businesses shifting to AI-powered solutions for inventory management, demand forecasting, and logistics optimization, the security of these systems has never been more important.

#### **Best Practices in Supply Chains**

As companies integrate more advanced technologies into their supply chain operations, securing these systems against cyber threats becomes paramount. Businesses must prioritize:

- **Data Encryption:** Ensuring sensitive data is encrypted both in transit and at rest.
- **Regular Audits:** Conducting routine cybersecurity audits to detect vulnerabilities.
- **Employee Training:** Regularly training employees to recognize and respond to potential threats.
- **Contingency Planning:** Developing and testing backup plans to ensure continuity in case of disruptions.

---

### **Future of Secure Supply Chains**

The Blue Yonder ransomware attack serves as a stark reminder of the growing cybersecurity risks facing modern supply chains. As businesses continue to rely on integrated, cloud-based systems to optimize their operations, the importance of robust cybersecurity measures cannot be overstated.

**Key Takeaways for Businesses**

Companies must not only focus on securing their digital infrastructure but also ensure they have resilient backup processes in place. The ability to quickly recover from such attacks will define the future of supply chain operations, making cybersecurity a cornerstone of business continuity.

---

26-Nov-2024
5 min read

Expose

Hackers expose sensitive data from Andrew Tate's online course, raising question...

In a high-profile breach, hackers infiltrated the online course platform "The Real World," founded by controversial influencer Andrew Tate. The data leak exposed sensitive information of nearly 800,000 users, including private chat logs and 325,000 email addresses. The breach coincides with Tate’s ongoing legal battles, including charges of human trafficking and rape in Romania.

### A Symbolic Hack: Bold Messages in Digital Chaos

The hackers, identified as hacktivists, orchestrated the breach with a blend of symbolism and disruption. During Tate’s live-streamed _“Emergency Meeting”_ show on Rumble, they uploaded custom emojis to the platform's chatroom, including a transgender flag, a feminist fist, and AI-generated images of Tate draped in a rainbow flag. One particularly provocative emoji exaggerated Tate’s physique, showcasing the hackers’ intent to undermine his persona.

The Daily Dot, which first reported the incident, received the hacked data and subsequently shared it with the breach notification site Have I Been Pwned and nonprofit transparency collective DDoSecrets.

### A Vulnerability Exploited

Hackers claimed they exploited a critical vulnerability within _"The Real World"_ platform, allowing them to not only extract user data but also wreak havoc. In a statement, they detailed actions including banning users, deleting attachments, and crashing clients temporarily. Cybersecurity analysts described the platform’s defenses as _"woefully inadequate."_

Despite the breach, The Real World continues to boast 113,000 active users, generating an estimated monthly revenue exceeding $5.6 million. The platform markets itself as a hub for _"advanced mentoring"_ in topics like e-commerce, fitness, and financial investments.

### Leaked Logs: A Window into the User Base

The leaked chat logs reveal a blend of motivational exchanges and controversial rhetoric. Some users voiced concerns over societal changes, including a post referencing "the LGBTQ agenda" alongside fears for the "future of the USA." Such revelations highlight the divisive community that Tate has cultivated through his brand.

### Andrew Tate's Spiraling Legal Challenges

The breach amplifies the spotlight on Andrew Tate, already embroiled in legal troubles. Currently under house arrest in Romania, Tate faces charges including human trafficking, rape, and involvement in an organized crime group. Prosecutors allege he and his brother Tristan groomed vulnerable individuals, compelling them to create explicit content for profit. Romanian authorities estimate the accused generated $2.8 million through these activities.

### New Allegations Surface

In addition to ongoing investigations, Romanian authorities announced fresh allegations. These include accusations of underage sexual exploitation and using criminal proceeds to purchase luxury items registered under third-party names. Prosecutors impounded 16 luxury cars, cash, and electronics during recent raids.

Andrew Tate continues to deny all charges, calling them a “set-up” and a desperate attempt to tarnish his reputation. His remarks echo his long-standing claims of being targeted by a global conspiracy to silence him.

### A Polarizing Online Figure

Andrew Tate’s rise to fame began with his kickboxing career but took a controversial turn with his online persona. Known for misogynistic remarks, Tate has been banned from multiple platforms for promoting hate speech. Despite this, his influence endures, with billions of views on TikTok under the hashtag #AndrewTate.

Critics argue his rhetoric radicalizes young men, promoting toxic masculinity and misogyny. UK authorities have flagged his influence as a risk factor for radicalization, linking it to a surge in violence against women and girls.

This breach underscores the vulnerabilities in influencer-led platforms. Experts warn that such platforms, often built rapidly to capitalize on fame, prioritize profitability over robust security measures. The hack serves as a cautionary tale for digital entrepreneurs.

### Public Interest vs. Privacy

As the stolen data circulates online, debates around ethical boundaries emerge. While the breach exposes potential lapses in security and accountability, it also compromises the privacy of thousands of users. Advocacy groups emphasize the need for better regulation and stronger cybersecurity frameworks.

---

#### Key Takeaways:

- Data on 800,000 users, including 325,000 email addresses, was leaked.
- Hackers exploited vulnerabilities to disrupt operations and expose sensitive data.
- Fresh allegations compound his existing charges of human trafficking and organized crime.
- The hack highlights the complex interplay of cybersecurity, ethics, and online radicalization.

23-Nov-2024
4 min read