conti attacks Shutterfly inc.
Incident Date:
January 15, 2022
Overview
Title
conti attacks Shutterfly inc.
Victim
Shutterfly inc.
Attacker
Conti
Location
First Reported
January 15, 2022
Shutterfly Inc. Targeted by Conti Ransomware Group
Company Profile
Shutterfly Inc., headquartered in Redwood City, California, is a prominent player in the online retail and photography manufacturing industry. The company, which boasts a workforce of approximately 7,094 employees, generates over $2 billion in annual revenue. Shutterfly Inc. offers a wide range of photography-related services to consumers, enterprises, and educational institutions through its various brands, including Shutterfly.com, BorrowLenses, GrooveBook, Snapfish, and Lifetouch.
Vulnerabilities and Impact
In December 2021, Shutterfly fell victim to a ransomware attack orchestrated by the Conti group. This cyberattack encrypted more than 4,000 devices and 120 VMware ESXi servers owned by the company. The breach led to the unauthorized access and theft of sensitive employee data, such as names, salary details, and information related to FMLA leave and workers’ compensation claims. Shutterfly publicly acknowledged the data breach on March 22, 2022, and initiated the process of sending data breach notification letters to the impacted individuals.
Response and Mitigation
Shutterfly responded promptly to the ransomware attack by disconnecting affected systems from the network, applying security patches provided by MOVEit, and conducting a thorough forensic investigation with the help of leading cybersecurity firms. While the company did not disclose details regarding the ransom demand, it assured that measures were taken to secure both customer and employee data post-attack.
Previous Attacks
The December 2021 ransomware attack on Shutterfly was not an isolated incident but part of a broader campaign by the Conti group. This campaign targeted numerous organizations across different sectors, including Shell, Deutsche Bank, the University of Georgia (UGA) and University System of Georgia (USG), UnitedHealthcare Student Resources (UHSR), Heidelberger Druck, and Landal Greenparks. Shutterfly's experience underscores the pervasive threat of ransomware attacks and the critical need for vigilant cybersecurity practices.
Sources
- Shutterfly Inc. - Official Website
- Shutterfly Inc. - New Hampshire Attorney General
- Data Breach Alert: Shutterfly, Inc. - URL not found
- Shutterfly discloses data breach after Conti ransomware attack - URL not found
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.