27 December 2021

Shutterfly becomes the latest victim of the Conti ransomware


Shutterfly, an American photography, photography products, and image sharing company, has fallen victim to a Conti ransomware attack, with the operators behind the ransomware claiming to have encrypted over 4,000 devices and 120 VMware ESXi servers, BleepingComputer reports.

Sources told BleepingComputer that the attackers are demanding millions of dollars in ransom from the company.

Shutterfly has confirmed the security breach in the following statement:

“Shutterfly, LLC recently experienced a ransomware attack on parts of our network. This incident has not impacted our Shutterfly.com, Snapfish, TinyPrints or Spoonflower sites. However, portions of our Lifetouch and BorrowLenses business, Groovebook, manufacturing and some corporate systems have been experiencing interruptions. We engaged third-party cybersecurity experts, informed law enforcement, and have been working around the clock to address the incident.

As part of our ongoing investigation, we are also assessing the full scope of any data that may have been affected. We do not store credit card, financial account information or the Social Security numbers of our Shutterfly.com, Snapfish, Lifetouch, TinyPrints, BorrowLenses, or Spoonflower customers, and so none of that information was impacted in this incident. However, understanding the nature of the data that may have been affected is a key priority and that investigation is ongoing. We will continue to provide updates as appropriate.”

On a Shutterfly data leak page, the Conti ransomware gang has published screenshots of data allegedly stolen from Shutterfly, including legal agreements, bank and merchant account information, login credentials for corporate services, spreadsheets, and what appears to be customer information, including the last four digits of credit cards. It is currently not clear whether the company has downplayed the impact of the attack and whether the damage is far larger than Shutterfly has revealed.

In September, the US Federal Bureau of Investigation (FBI), National Security Agency (NSA), and Cybersecurity and Infrastructure Security Agency (CISA) warned of an increase in Conti ransomware attacks. The agencies said they observed more than 400 attacks on U.S. and international organizations involving Conti ransomware.

