Shutterfly, an online retail and photo production platform, has revealed a data breach that exposed employee information after threat actors stole data during a Conti ransomware attack.
Shutterfly provides photography-related services to consumers, businesses and education through several brands, including Shutterfly.com, BorrowLenses, GrooveBook, Snapfish and Lifetouch.
Shutterfly announced today that a ransomware attack occurred on its network on December 3, 2021.
During ransomware attacks, threat actors gain access to a corporate network and steal data and files as they propagate through the system. Once they gain access to a Windows domain controller and after collecting all the valuable data, they deploy their ransomware to encrypt all network devices.
According to the Shutterfly data breach report, the Conti threat actor deployed the ransomware on December 13, 2021, when the company first discovered they had been compromised.
“The attacker both locked down some of our systems and gained access to some of the data on those systems. This included access to personal information of certain people, including you,” said a Shutterfly data breach notification. filed with the California Attorney General.
“We believe the access occurred on or about December 3, 2021. We discovered the incident on December 13, 2021.
Shutterfly says the documents stolen during the attack may contain employee personal information, including names, salary and compensation information, and FMLA claims for leave or workers’ compensation.
Shutterfly offers two years of free Equifax credit monitoring for those affected.
Shutterfly Affected by Conti Ransomware
While Shutterfly’s report of a data breach didn’t shed much light on their attack, BleepingComputer announced in December that the company had been subject to a Conti ransomware attack.
At the time of the attack, a source told BleepingComputer that Conti had encrypted more than 4,000 Shutterfly devices and 120 VMware ESXi servers.
A private data leak page also showed samples of the data stolen from Shutterfly, which we were told contained legal agreements, banking and merchant account information, business services credentials, spreadsheets, and what appears to be customer information, including the last four digits of credit cards.
Conti ransomware data breach page for Shutterfly
Since then, the Conti ransomware operation has released 7.02 GB of data it claims was stolen during the attack, including archives named after financial, legal, customer service, and payroll data.
Shutterfly says they are working with outside cybersecurity experts to continue the investigation into the attack.
However, Shutterfly cautions employees to continue to monitor their credit reports and accounts for suspicious activity and to remain vigilant.
This post Shutterfly reveals data breach after Conti ransomware attack
was original published at “https://www.bleepingcomputer.com/news/security/shutterfly-discloses-data-breach-after-conti-ransomware-attack/”