{"id":646339,"date":"2024-12-09T14:35:12","date_gmt":"2024-12-09T11:35:12","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/blue-yonder-investigating-data-theft-claims-after-ransomware-gang-takes-credit-for-cyberattack\/"},"modified":"2024-12-09T14:35:12","modified_gmt":"2024-12-09T11:35:12","slug":"blue-yonder-investigating-data-theft-claims-after-ransomware-gang-takes-credit-for-cyberattack","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/blue-yonder-investigating-data-theft-claims-after-ransomware-gang-takes-credit-for-cyberattack\/","title":{"rendered":"#Blue Yonder investigating data theft claims after ransomware gang takes credit for cyberattack"},"content":{"rendered":"<div>\n<p id=\"speakable-summary\" class=\"wp-block-paragraph\">Supply chain software giant Blue Yonder says it is investigating claims of data theft after a ransomware gang threatened to publish troves of data stolen from the company.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Arizona-based Blue Yonder, which provides supply chain management software to thousands of organizations including DHL, Starbucks and Walgreens, was hit by a cyberattack on November 21. The company said at the time that it was a \u201cransomware incident\u201d but did not say who was behind the attack.<\/p>\n<p class=\"wp-block-paragraph\">On Friday, the \u201cTermite\u201d ransomware group claimed responsibility for the attack on its dark web leak site. In a post seen by TechCrunch, the gang claims to have stolen 680 gigabytes of data from Blue Yonder, including documents, reports, insurance documents and email lists, which Termite says it intends to use \u201cfor future attacks.\u201d\u00a0<\/p>\n<p class=\"wp-block-paragraph\">In a statement given to TechCrunch, Blue Yonder spokesperson Marina Renneke said the company was \u201caware of who has claimed responsibility.\u201d<\/p>\n<p class=\"wp-block-paragraph\">\u201cWe are aware that an unauthorized third party claims to have taken certain information from our systems,\u201d Renneke said. \u201cWe are working diligently with external cybersecurity experts to address these claims. The investigation remains ongoing.\u201d<\/p>\n<p class=\"wp-block-paragraph\">The Termite ransomware gang first emerged earlier this year. Security experts believe the group is a rebranding of the notorious Russia-linked Babuk ransomware group, which carried out more than 65 attacks and received $13 million in ransom payments, according to the U.S. Department of Justice.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Threat intelligence company Cyble <a rel=\"nofollow\" target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/cyble.com\/blog\/technical-look-at-termite-ransomware-blue-yonder\/\">noted<\/a> similarities between the Termite and Babuk ransomware strains, and security researchers at Broadcom <a rel=\"nofollow\" target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.broadcom.com\/support\/security-center\/protection-bulletin\/termite-ransomware\">observed<\/a> the group using a modified version of Babuk ransomware.<\/p>\n<p class=\"wp-block-paragraph\">On its dark web leak site, where the gang lists six other victims, Termite is threatening to publish data allegedly stolen from Blue Yonder \u201csoon.\u201d It\u2019s not known whether it has demanded a ransom payment from the company, and Blue Yonder declined to say when asked by TechCrunch.<\/p>\n<p class=\"wp-block-paragraph\">Blue Yonder also declined to say how much and what types of data had been stolen but did not dispute the claims made by Termite when asked.<\/p>\n<p class=\"wp-block-paragraph\">In an update to its <a rel=\"nofollow\" target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/blueyonder.com\/customer-update\">cybersecurity incident page<\/a> on Friday, Blue Yonder said it has \u201cnotified customers who were impacted by operational disruptions and have been working with them throughout the restoration process.\u201d<\/p>\n<p class=\"wp-block-paragraph\">It\u2019s still not known how many of Blue Yonder\u2019s 3,000-plus customers were impacted by the incident. U.K. supermarket chains Morrisons and Sainsbury\u2019s previously confirmed to TechCrunch that they had been affected, and U.S. coffee giant Starbucks said the ransomware attack had forced managers to manually calculate employees\u2019 pay.<\/p>\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMN63nwsw68G3Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/category\/technology\/\" target=\"_blank\" >Technology<\/a><\/span> category.<\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/techcrunch.com\/2024\/12\/09\/blue-yonder-investigating-data-theft-claims-after-ransomware-gang-takes-credit-for-cyberattack\/\" target=\"_blank\" >Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Supply chain software giant Blue Yonder says it is investigating claims of data theft after a ransomware gang threatened to publish troves of data stolen from the company.\u00a0 Arizona-based Blue Yonder, which provides supply chain management software to thousands of organizations including DHL, Starbucks and Walgreens, was hit by a cyberattack on November 21. The&#8230;<\/p>\n","protected":false},"author":1,"featured_media":646340,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/techcrunch.com\/wp-content\/uploads\/2024\/07\/data-breach-overview-v2.jpg?resize=1200,675","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[75885,153085,153086,70375,72458,73240,72287,153087],"class_list":["post-646339","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-enterprise","tag-babuk","tag-blue-yonder","tag-cybersecurity","tag-data-breach","tag-ransomware","tag-security","tag-termite"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/646339","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=646339"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/646339\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/646340"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=646339"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=646339"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=646339"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}