Ransomware attack leaves Starbucks using pens and paper to track employee hours
The ransomware attack at Blue Yonder, which makes the software, also disrupted grocery stores and Fortune 500 firms.
- Starbucks' payment and scheduling system has been hit with a ransomware attack.
- The coffee company issued guidance for workers about how to handle pay disruptions caused by the outage.
- The outage at Blue Yonder, which makes the software, also impacted grocery stores and Fortune 500 firms.
The software company behind Starbucks' payment and scheduling system has been experiencing a dayslong ransomware attack, causing outages that are disrupting employee pay.
The attack on Blue Yonder, the company that makes the software, began on November 21 and has caused outages in Starbucks's system for tracking employee hours and payments.
According to documents reviewed by Business Insider, Starbucks has issued guidance to its employees about how to handle pay disruptions caused by the Blue Yonder outage. Starbucks told its employees that payment for the period ending on November 17 would be unaffected, but there may be discrepancies in the following pay period.
"We will ensure partners who receive less than their worked hours or intended sick and/or vacation time will be paid correctly, as soon as possible," the internal documents read.
The outage has forced employees to track their shifts using pens and paper, according to Bloomberg.
The documents viewed by BI indicate that employees who are missing pay from their checks should notify their store managers as soon as possible. Any underpayment will be resolved in the next pay period. Any payment overages resulting from an employee being paid for a scheduled shift from November 18 through November 24 that they did not report to work for will not be required to be paid back, the documents say.
A Starbucks partner in the South said their manager told them on Monday that employees who had paid time off planned for the affected weeks won't be paid for that time until the outage has been fixed.
That's "potentially very bad for some partners taking vacation around the holidays," the partner told Business Insider.
A spokesperson for Starbucks told Business Insider that the company is working to ensure its partners are paid for their hours worked with limited disruption, and indicated the outage has not disrupted customer-facing technology or service in any of its locations.
Blue Yonder's software is also used by major grocery store chains and Fortune 500 firms, CNN reported.
Similar cyber attacks have previously left companies like Sony and car dealerships across America using pen and paper for administrative tasks and sales transactions.
"Blue Yonder experienced disruptions to its managed services hosted environment, which was determined to be the result of a ransomware incident," a spokesperson for the company told Business Insider in a statement. "Since learning of the incident, the Blue Yonder team has been working diligently together with external cybersecurity firms to make progress in their recovery process. We have implemented several defensive and forensic protocols."
The software company does not currently have a timeline for resolution of the issue, according to a webpage the company has published for customers impacted by the attack.