A major technology provider for hundreds of large retailers is struggling to recover from a ransomware attack that began last Thursday. 

Blue Yonder — which provides systems for fulfillment, delivery and returns for more than 3,000 major companies across 76 countries — said last week that its managed services were disrupted, prompting the company to hire an external cybersecurity firm. 

The company provided updates on Saturday and Sunday, warning customers that the “Blue Yonder team is working around the clock to respond to this incident and continues to make progress.”

“Our investigation remains ongoing, but please know that our priority is to ensure a safe and secure recovery. At this point in time, we do not have a timeline for restoration,” the company said.

Blue Yonder did not respond to requests for comment about whether the hackers have identified themselves or if a ransom has been issued. 

Blue Yonder provides customers with AI-driven supply chain platforms and other tools to manage capacity, inventory and transport. It was purchased by Panasonic in 2021 for about $8.5 billion. 

Its customers range from supermarket chains like Morrisons to consumer goods companies like Amway, Anheuser-Busch, Dole and Gap. Other customers include Microsoft, Ford, Lenovo, Mitsubishi and Nestle. 

CNN was the first to report the incident on Saturday, noting that several U.K.-based grocery chains were forced to adopt contingency measures to deal with the ransomware attack on Blue Yonder. 

The Wall Street Journal added on Monday that Starbucks officials told them that the ransomware attack affected their ability to pay employees and manage schedules across thousands of stores in North America. 

This is the second attack affecting retailers ahead of the shopping holidays built around Thanksgiving. Dutch company Ahold Delhaize has continued to struggle after a cyberattack affected several of its subsidiaries, including Stop & Shop, Hannaford, Food Lion and Giant Food.

The company told Recorded Future News last week that its investigation is “ongoing” and that their teams “are taking steps to assess and mitigate the issue.” 

“We will continue to take actions to further protect our systems,” company officials said.