Shutterfly discloses data breach after Conti ransomware attack

Gandalf_The_Grey

Level 67
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
5,616
Online retail and photography manufacturing platform Shutterfly has disclosed a data breach that exposed employee information after threat actors stole data during a Conti ransomware attack.

Shutterfly offers photography-related services to consumers, the enterprise, and education through various brands, including Shutterfly.com, BorrowLenses, GrooveBook, Snapfish, and Lifetouch.

Today, Shutterfly disclosed that its network was breached on December 3rd, 2021, due to a ransomware attack.

During ransomware attacks, threat actors will gain access to a corporate network and steal data and files as they spread throughout the system. Once they gain access to a Windows domain controller, and after harvesting all valuable data, they deploy their ransomware to encrypt all network devices.

According to Shutterfly's data breach notification, the Conti threat actor deployed the ransomware on December 13th, 2021, when the company first became aware that they were compromised.

"The attacker both locked up some of our systems and accessed some of the data on those systems. This included access to personal information of certain people, including you," reads Shutterfly's data breach notification filed with the California Attorney General's Office.

"We believe the access occurred on or about December 3, 2021. We discovered the incident on December 13, 2021.

Shutterfly states that the documents stolen during the attack may have contained employees' personal information, including names, salary and compensation information, and FMLA leave or workers’ compensation claims.

Shutterfly is offering two years of free credit monitoring from Equifax for those affected.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top