Shutterfly Services Disrupted By Conti Ransomeware Attack

Photography and personalized photo giant Shutterfly has suffered a Conti ransomware attack that allegedly encrypted thousands of devices and stole corporate data. BleepingComputer reports: On Friday, a source told BleepingComputer that Shutterfly suffered a ransomware attack approximately two weeks ago by the Conti gang, who claims to have encrypted over 4,000 devices and 120 VMware ESXi servers. While BleepingComputer has not seen the negotiations for the attack, we are told that they are underway in progress and that the ransomware gang is demanding millions of dollars as a ransom. Conti has created a private Shutterfly data leak page containing screenshots of files allegedly stolen during the ransomware attack, as part of this "double-extortion" tactic. The attackers threaten to make this page public if a ransom is not paid. BleepingComputer has been told that these screenshots include legal agreements, bank and merchant account info, login credentials for corporate services, spreadsheets, and what appears to be customer information, including the last four digits of credit cards. Conti also claims to have the source code for Shutterfly's store, but it is unclear if the ransomware gang means Shutterfly.com or another website. After contacting Shutterfly on Friday about the attack, BleepingCompuer was sent a statement confirming the ransomware attack late Sunday night. This statement [...] says that the Shutterfly.com, Snapfish, TinyPrints, or Spoonflower sites were not affected by the attack. However, their corporate network, Lifetouch, BorrowLeneses, and Groovebook had disrupted services. While Shutterfly states that no financial information was disclosed, BleepingComputer was told that one of the screenshots contains the last four digits of credit cards, so it is unclear if there is further, and more concerning, information stolen during the attack.

Read more of this story at Slashdot.