Shutterfly hit by ransomware attack
Photography company Shutterfly announced this week that it had been hit by a ransomware attack that had impacted some services, making it the latest in a string of companies to be targeted by hackers looking for a payout.
The company announced the attack in a statement posted to its website on Sunday, noting the incident had impacted portions of the Lifetouch and BorrowLenses business, along with Groovebook, manufacturing and some corporate systems. Shutterfly.com and other related websites were not hit.
“We engaged third-party cybersecurity experts, informed law enforcement, and have been working around the clock to address the incident,” the company wrote in the statement. “As part of our ongoing investigation, we are also assessing the full scope of any data that may have been affected.”
While the company was not aware as of Sunday what data had been compromised, it emphasized that credit card numbers, other financial information and Social Security numbers were not stored by Shutterfly.
“None of that information was impacted in this incident,” the company wrote. “However, understanding the nature of the data that may have been affected is a key priority and that investigation is ongoing. We will continue to provide updates as appropriate.”
Bleeping Computer reported Monday that the Conti hacking gang was behind the attack, which had involved encrypting around 4,000 Shutterfly devices beginning two weeks ago. The outlet reported that the hackers were demanding millions of dollars in ransom payment and threatening to release stolen pages of legal agreements, login credentials and other sensitive information if not paid in the next few days.
A spokesperson for Shutterfly did not comment on these findings to The Hill, pointing instead to the company’s statement.
The Conti ransomware strain is one of the most prolific currently in use, with a coalition of U.S. federal agencies issuing a joint alert warning organizations to be aware of the dangers related to Conti attacks earlier this year.
The agencies noted that as of September, around 400 U.S. and international groups had been victimized by the ransomware variant, with victims including healthcare and first responder organizations. BBC News reported in May that the ransomware attack on the Irish healthcare system was linked to the Conti ransomware group, an attack that caused massive disruptions.