A ransomware attack disrupted a third-party software system that Starbucks uses to track and manage its baristas’ schedules, forcing the coffee chain to switch to manual mode to ensure its employees are paid properly, a spokesperson said Monday. Starbucks.

Starbucks store management has advised its employees on how to manually work around the outage, and the company will ensure everyone is paid for all hours worked, according to Starbucks spokeswoman Jaci Anderson.

Starbucks joins a growing list of companies disrupted by the hack of Blue Yonder, an Arizona-based cloud service provider that serves grocery stores and Fortune 500 companies. Two of the four largest grocery chains in the United Kingdom told CNN this weekend that they were taking steps to deal with the Blue Yonder outage.

The Wall Street Journal first reported that Starbucks was hit by the Blue Yonder hack.

Automaker Ford said Monday it was investigating any potential impact.

“Ford is aware and actively investigating whether a cyber incident at a third-party vendor impacts our operations or systems,” Ford spokesman Ian Thibodeau said.

A number of large multinational companies use Blue Yonder cloud services to manage their supply chains. The company declined to answer questions about which customers were affected by the hack. Blue Yonder’s latest public statement says it is “working around the clock to respond to this incident and continues to make progress.”

Since the hackers struck last week, Blue Yonder has been working with US-based clients to mitigate any customer impact.

Blue Yonder has hired US cybersecurity firm CrowdStrike to recover from the hack, two sources familiar with the matter told CNN. A CrowdStrike spokesperson referred questions to Blue Yonder.

Ransomware attacks typically lock down computer systems so hackers can demand extortion fees. Cybercriminals extorted a record $1.1 billion in ransoms from victim organizations around the world in 2023 despite efforts by the US government to cut off their financial flows, according to crypto tracking firm Chainalysis.

Ransomware attacks are ubiquitous throughout the year, but the holiday shopping season can be a particularly opportune time for hackers as businesses rush to fulfill orders.

Cybersecurity firm Semperis found that 86% of organizations surveyed in the US, UK, France and Germany that faced ransomware attacks did so over a holiday or weekend. .

The disruption is the latest challenge facing new Starbucks CEO Brian Niccol, who is struggling with three straight quarters of declining sales.