Starbucks is grappling with pay and scheduling disruptions after its system, managed by software provider Blue Yonder, was hit by a ransomware attack. The cyberattack, which began on 21 November, has impacted Starbucks’ ability to track employee hours and process payments accurately, forcing the company to implement temporary measures to manage the fallout.
Blue Yonder’s outage is also affecting grocery stores and major corporations, as its software is widely used by Fortune 500 firms. The attack has left companies relying on manual processes, reminiscent of past ransomware incidents that forced businesses to revert to pen-and-paper operations.
At Starbucks, employees have been instructed to log their shifts manually while the system remains offline. The coffee chain assured staff that payments for the period ending 17 November are unaffected, but discrepancies may arise for subsequent pay periods. Employees who receive less than their due pay or have unused sick or vacation time will be compensated as soon as possible. Overpayments for unworked scheduled shifts during the affected dates will not be reclaimed.
However, the attack poses challenges for workers who planned to use paid time off during this period, as those payments are delayed until the system is restored. The timing is especially problematic for employees taking vacations around the holiday season.
Starbucks emphasised that its customer-facing operations remain unaffected, and the company is committed to minimising disruptions for its workforce.
Blue Yonder acknowledged the ransomware incident, stating it is working with cybersecurity experts to address the breach. The company has implemented defence measures and forensic protocols but has not provided a timeline for full resolution.
