Ransomware cyber

Shutterfly

Sep 3, 2022 1 min read
Shutterfly

Online retail and photography manufacturing platform Shutterfly suffered a data breach after the Conti ransomware group stole data during a ransomware attack.

The threat actors both locked up and encrypted 4,000 devices and 120 VMware ESXi servers and accessed some of the data on those systems including the personal information of certain people.

The information included employees' personal information, including names, salary and compensation information, and FMLA leaves or workers’ compensation claims.

Data posted on a private page also contained legal agreements, bank and merchant account info, login credentials for corporate services, spreadsheets, and some customer information, including the last four digits of credit cards.

Source: https://www.bleepingcomputer.com/news/security/shutterfly-discloses-data-breach-after-conti-ransomware-attack/

TPRM report: https://www.rankiteo.com/company/shutterfly

"id": "shu224131822",
"linkid": "shutterfly",
"type": "Ransomware",
"date": "6/2017",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Retail and Photography',
                        'name': 'Shutterfly',
                        'type': 'Online retail and photography manufacturing '
                                'platform'}],
 'attack_vector': 'Ransomware',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': ['Names',
                                                         'Salary and '
                                                         'compensation '
                                                         'information',
                                                         'FMLA leaves',
                                                         'Workers’ '
                                                         'compensation claims',
                                                         'Last four digits of '
                                                         'credit cards'],
                 'type_of_data_compromised': ['Employee personal information',
                                              'Legal agreements',
                                              'Bank and merchant account info',
                                              'Login credentials for corporate '
                                              'services',
                                              'Spreadsheets',
                                              'Customer information']},
 'description': 'Shutterfly suffered a data breach after the Conti ransomware '
                'group stole data during a ransomware attack.',
 'impact': {'data_compromised': 'Employee personal information, legal '
                                'agreements, bank and merchant account info, '
                                'login credentials for corporate services, '
                                'spreadsheets, and some customer information',
            'systems_affected': ['4,000 devices', '120 VMware ESXi servers']},
 'motivation': 'Data theft and ransom',
 'ransomware': {'data_encryption': True,
                'data_exfiltration': True,
                'ransomware_strain': 'Conti'},
 'threat_actor': 'Conti ransomware group',
 'title': 'Shutterfly Data Breach and Ransomware Attack',
 'type': 'Ransomware and Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.