Customer Update

Cybersecurity Incident Update

After the recent ransomware attack, Blue Yonder worked with external cybersecurity firms and strengthened our defensive and forensic protocols. We have notified customers who were impacted by operational disruptions and have been working with them throughout the restoration process.

We are aware that an unauthorized third party claims to have taken certain information from our systems. We are working diligently with external cybersecurity experts to address these claims. The investigation remains ongoing.

Last Updated: December 6, 2024 8:15pm (UTC)




On Nov. 21, 2024, Blue Yonder experienced disruptions to its managed services hosted environment, which was determined to be the result of a ransomware incident.

Blue Yonder has been working diligently together with external cybersecurity firms and hardened our defensive and forensic protocols.

We are making good progress, several of our impacted customers have been brought back online, and we are actively working directly with others to return them to normal business operations.

Last Updated: December 1, 2024 10:25pm (UTC)




The Blue Yonder team is working around the clock to respond to this incident and continues to make progress. There are no additional updates to share at this time with regard to our restoration timeline following our post yesterday, November 23.

Please continue to check here for more information over the coming days.

Last Updated: November 24, 2024 8:30pm (UTC)




As part of our continued commitment to transparency with our valued customers and partners, we are providing a further update on the restoration of our managed services hosted environment.

The Blue Yonder team is continuing to work around the clock, together with our external cybersecurity firms, to safely restore systems, resulting in steady progress.

Our investigation remains ongoing, but please know that our priority is to ensure a safe and secure recovery. At this point in time, we do not have a timeline for restoration.

We will continue to provide further updates here as appropriate.

Last Updated: November 23, 2024 11:00pm (UTC)




On November 21, 2024, Blue Yonder experienced disruptions to its managed services hosted environment, which was determined to be the result of a ransomware incident.

Since learning of the incident, the Blue Yonder team has been working diligently together with external cybersecurity firms to make progress in their recovery process. We have implemented several defensive and forensic protocols.

With respect to the Blue Yonder Azure public cloud environment, we are actively monitoring and currently do not see any suspicious activity.

The experts along with the Blue Yonder team are working on multiple recovery strategies and the investigation is ongoing. At this point in time, we do not have a timeline for restoration.

Last Updated: November 22, 2024 5:00pm (UTC)