Powered by MOMENTUM MEDIA
cyber daily logo

Breaking news and updates daily.

Subscribe to our Newsletter

Powered by MOMENTUM MEDIA
Breaking news and updates daily. Subscribe to our Newsletter
facebook linkedin X Instagram youtube

Explore

SECTIONS

MORE

search button

New ransomware gang claims Blue Yonder cyber attack

Threat actors have finally claimed responsibility for the Blue Yonder cyber attack that occurred last month.

user icon Daniel Croft
Mon, 09 Dec 2024 Security
New ransomware gang claims Blue Yonder cyber attack
expand image

Discovered on 21 November, the supply chain attack affected a number of major organisations, including Starbucks, Morrisons, and Sainsbury’s.

In an update posted on 1 December, Blue Yonder said its recovery process has begun and that customers are restoring systems.

Until now, however, no threat actor had claimed responsibility for the incident. The Termite ransomware gang has now listed Blue Yonder on its dark web leak site.

============
============

“Our team got 680gb of data such as DB dumps Email lists for future attacks (over 16000) Documents (over 200000) Reports Insurance documents,” said the threat group.

“Check for updates. Data links will be available soon.”

Blue Yonder also publicised that threat actors had made accusations that they had stolen data, adding that it has notified affected customers and is engaging with experts to deal with the claims.

“After the recent ransomware attack, Blue Yonder worked with external cyber security firms and strengthened our defensive and forensic protocols. We have notified customers who were impacted by operational disruptions and have been working with them throughout the restoration process,” the company said in its latest update.

“We are aware that an unauthorised third party claims to have taken certain information from our systems. We are working diligently with external cyber security experts to address these claims. The investigation remains ongoing.”

Cyber Daily logo
VIEW ALL

Termite ransomware is a freshly observed operation, first identified in November 2024.

The company only has a handful of victims on its site, with Blue Yonder being the most recent listing. Other victims include Nifast and Oman Oil.

As a result of its recent emergence, not much is known about the group; however, they have been identified as engaging in double extortion, blackmail and direct extortion techniques and leaking free data.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.
CD Logo

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

STAY CONNECTED

Be the first to hear the latest developments in the cyber industry.

momentummedia media
most innovative companies awards

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

CATEGORIES

STAY CONNECTED

Copyright © 2025 MOMENTUMMEDIA